sabnzbdplus - Debian Package Tracker

general

source: sabnzbdplus (contrib)
version: 4.5.4+dfsg-4
maintainer: Jeroen Ploemen (DMD)
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.1.1+dfsg-2+deb11u1
oldstable: 3.7.1+dfsg-2
old-bpo: 4.5.0+dfsg-1~bpo12+1
stable: 4.5.0+dfsg-1
stable-bpo: 4.5.4+dfsg-3~bpo13+1
testing: 4.5.4+dfsg-4
unstable: 4.5.4+dfsg-4

versioned links

3.1.1+dfsg-2+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.7.1+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.5.0+dfsg-1~bpo12+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.5.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.5.4+dfsg-3~bpo13+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.5.4+dfsg-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

sabnzbdplus (2 bugs: 0, 1, 1, 0)

action needed

Marked for autoremoval on 08 June due to starlette: #1134850 high

Version 4.5.4+dfsg-4 of sabnzbdplus is marked for autoremoval from testing on Mon 08 Jun 2026. It depends (transitively) on starlette, affected by #1134850. You should try to prevent the removal by fixing these RC bugs.

Created: 2026-05-02 Last update: 2026-05-16 05:31

A new upstream version is available: 5.0.2 high

A new upstream version 5.0.2 is available, you should consider packaging it.

Created: 2025-11-27 Last update: 2026-05-16 03:01

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2026-04-06 Last update: 2026-05-16 05:30

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 5.0.2+dfsg-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 79330ba95372973a1042c51ba7416c77d34b506c
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 10:26:19 2026 +0000

    import flaky in patch 10

commit 45f8b78d9719d3325c48197130ff450a0d12ac01
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:43:13 2026 +0000

    fix typ0

commit 7b76e25e17ed32f0332f0b07e92e7c9e956b627d
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 11:41:21 2026 +0200

    Coypright: bump years.

commit cfaeb1240041f57123b6061f14f393523508fba0
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:40:32 2026 +0000

    clean up d/changelog

commit e097f7d15ad7627a4b0b64de8ddd65216e1bf97e
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 11:37:33 2026 +0200

    Control: bump dependency on sabctools to 9.4.x.

commit 8411a16c50aa2f35eca7969a08a56580b2b57126
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 10:50:58 2026 +0200

    Test: add dep on newly packaged python3-tavern, and enable its use by removing tavern-related changes from patch 10.

commit 332bd7efad5d728fc9642f6ef37e52932a199ba2
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 10:47:17 2026 +0200

    Control: replace dep on python3-chardet with python3-charset- normalizer.

commit afbe7956ef89c11bed201e0d274a50b46f7e4b59
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 10:41:21 2026 +0200

    Patches: refresh all.

commit c182fd6829621e709da26cb6872e6a6f6d151610
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:58:56 2026 +0200

    Control: remove redundant fields.
    
    * Control: remove redundant fields.
    * Bump Standards-Version to 4.7.4 (from 4.7.2; no further changes).

commit 162caa95bf6ebfa3824a342f10f86b1f699a08f2
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:57:41 2026 +0200

    Patches: remove 90, released upstream.

commit 84033103afe427768476b7f24e0ab2903b78b6c9
Merge: e4de319 6e99e13
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:55:09 2026 +0200

    Update upstream source from tag 'upstream/5.0.2+dfsg'
    
    Update to upstream version '5.0.2+dfsg'
    with Debian dir f6e2a516a311bc7692db819e549ebf37a44b923f

commit 6e99e13fbc40e8343ffe07924a74c1ea462385b3
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:54:59 2026 +0200

    New upstream version 5.0.2+dfsg

commit e4de319260945008df881695f550df2018b1977b
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:54:50 2026 +0200

    Watch: bump to v5.

commit b662d3de16c8029124e6d35ac4978ed5c4adc3c6
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Fri May 15 09:50:12 2026 +0200

    New upstream release.

commit 110ab1969e6113e43b9a297242896e3a6d2b96a9
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Sat Mar 28 18:36:56 2026 +0100

    Control: switch par2 dependency to "par2-turbo | par2".

commit 377a397068354fd6d9e264988ecbac4d1f0500a8
Author: Jeroen Ploemen <jcfp@debian.org>
Date:   Wed Mar 25 10:42:21 2026 +0100

    Tests: re-enable TestPar2Repair.test_basic, fixed upstream.

Created: 2026-05-15 Last update: 2026-05-15 12:01

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-12-31 Last update: 2026-02-16 15:18

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2023-34237: (needs triaging) SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Script functionality allows code execution with the privileges of the SABnzbd process. Exploiting the vulnerabilities requires access to the web interface. Remote exploitation is possible if users[exposed their setup to the internet or other untrusted networks without setting a username/password. By default SABnzbd is only accessible from `localhost`, with no authentication required for the web interface. This issue has been patched in commits `e3a722` and `422b4f` which have been included in the 4.0.2 release. Users are advised to upgrade. Users unable to upgrade should ensure that a username and password have been set if their instance is web accessible.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-06-08 Last update: 2026-04-28 19:02

debian/patches: 6 patches to forward upstream low

Among the 6 debian patches available in version 4.5.4+dfsg-4 of the package, we noticed the following issues:

6 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2026-01-27 18:31

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.2).

Created: 2025-12-23 Last update: 2026-03-31 15:01

news

[rss feed]

[2026-02-01] sabnzbdplus 4.5.4+dfsg-4 MIGRATED to testing (Debian testing watch)
[2026-01-27] Accepted sabnzbdplus 4.5.4+dfsg-4 (source) into unstable (Jeroen Ploemen)
[2026-01-08] Accepted sabnzbdplus 4.5.4+dfsg-3~bpo12+1 (source) into oldstable-backports-sloppy (Debian FTP Masters) (signed by: Jeroen Ploemen)
[2026-01-07] Accepted sabnzbdplus 4.5.4+dfsg-3~bpo13+1 (source) into stable-backports (Jeroen Ploemen)
[2026-01-07] sabnzbdplus 4.5.4+dfsg-3 MIGRATED to testing (Debian testing watch)
[2026-01-01] Accepted sabnzbdplus 4.5.4+dfsg-3 (source) into unstable (Jeroen Ploemen)
[2025-12-30] Accepted sabnzbdplus 4.5.4+dfsg-2 (source) into unstable (Jeroen Ploemen)
[2025-11-01] Accepted sabnzbdplus 4.5.4+dfsg-1~bpo12+1 (source) into oldstable-backports-sloppy (Debian FTP Masters) (signed by: Jeroen Ploemen)
[2025-10-30] Accepted sabnzbdplus 4.5.4+dfsg-1~bpo13+1 (source) into stable-backports (Jeroen Ploemen)
[2025-10-28] sabnzbdplus 4.5.4+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-10-23] Accepted sabnzbdplus 4.5.4+dfsg-1 (source) into unstable (Jeroen Ploemen)
[2025-09-14] Accepted sabnzbdplus 4.5.2+dfsg-1~bpo12+1 (source all) into oldstable-backports-sloppy (Debian FTP Masters) (signed by: Jeroen Ploemen)
[2025-08-26] Accepted sabnzbdplus 4.5.2+dfsg-1~bpo13+1 (source all) into stable-backports (Debian FTP Masters) (signed by: Jeroen Ploemen)
[2025-08-17] sabnzbdplus 4.5.2+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-08-10] Accepted sabnzbdplus 4.5.2+dfsg-1 (source) into unstable (Jeroen Ploemen)
[2025-04-07] Accepted sabnzbdplus 4.5.0+dfsg-1~bpo12+1 (source) into stable-backports (Jeroen Ploemen)
[2025-04-07] sabnzbdplus 4.5.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-04-02] Accepted sabnzbdplus 4.5.0+dfsg-1 (source) into unstable (Jeroen Ploemen)
[2025-03-19] sabnzbdplus 4.4.1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2025-03-14] Accepted sabnzbdplus 4.4.1+dfsg-2 (source) into unstable (Jeroen Ploemen)
[2025-03-11] Accepted sabnzbdplus 4.4.1+dfsg-1~bpo12+1 (source) into stable-backports (Jeroen Ploemen)
[2025-03-11] sabnzbdplus 4.4.1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2025-03-06] Accepted sabnzbdplus 4.4.1+dfsg-1 (source) into unstable (Jeroen Ploemen)
[2024-12-21] Accepted sabnzbdplus 4.4.0+dfsg-1~bpo12+1 (source) into stable-backports (Jeroen Ploemen)
[2024-12-21] sabnzbdplus 4.4.0+dfsg-1 MIGRATED to testing (Debian testing watch)
[2024-12-16] Accepted sabnzbdplus 4.4.0+dfsg-1 (source) into unstable (Jeroen Ploemen)
[2024-08-27] Accepted sabnzbdplus 4.3.3+dfsg-1~bpo12+1 (source) into stable-backports (Jeroen Ploemen)
[2024-08-27] sabnzbdplus 4.3.3+dfsg-1 MIGRATED to testing (Debian testing watch)
[2024-08-22] Accepted sabnzbdplus 4.3.3+dfsg-1 (source) into unstable (Jeroen Ploemen)
[2024-06-19] Accepted sabnzbdplus 4.3.2+dfsg-1~bpo11+1 (source) into oldstable-backports-sloppy (Debian FTP Masters) (signed by: Jeroen Ploemen)

bugs [bug history graph]

all: 2
RC: 0
I&N: 1
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian (0, 2)
buildd: logs
popcon
browse source code
other distros
security tracker
screenshots
l10n (-, 83)
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.5.4+dfsg-4