Back to rdflib PTS page

Accepted rdflib 4.1.2-3+deb8u1 (source amd64 all) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted rdflib 4.1.2-3+deb8u1 (source amd64 all) into oldstable
From: Brian May <bam@debian.org>
Date: Mon, 18 Mar 2019 06:50:15 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1h5m6B-0000Go-6O@seger.debian.org>
Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 08 Mar 2019 07:38:55 +1100
Source: rdflib
Binary: python-rdflib python3-rdflib python-rdflib-doc python-rdflib-tools
Architecture: source amd64 all
Version: 4.1.2-3+deb8u1
Distribution: jessie-security
Urgency: high
Maintainer: Christian M. Amsüss <chrysn@fsfe.org>
Changed-By: Brian May <bam@debian.org>
Description:
 python-rdflib - Python library containing an RDF triple store and RDF parsers/ser
 python-rdflib-doc - Python library containing an RDF triple store and RDF parsers/ser
 python-rdflib-tools - Python library containing an RDF triple store and RDF parsers/ser
 python3-rdflib - Python 3 library containing an RDF triple store and RDF parsers/s
Changes:
 rdflib (4.1.2-3+deb8u1) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2019-7653:  The Debian package had a custom wrapper that can load
     Python modules from the current working directory, allowing code injection.
     This is because "python -m" looks in this directory. This version uses the
     easy_install provided scripts instead of our our custom scripts.
   * Remove html5lib and SPARQLWrapper from upstream install_requires, because
     this information was not checked with previous wrapper,
     these are only included for Python 2.7, and
     they are not listed in the depends header.
Checksums-Sha1:
 1b60cab367da48a573a42374b48d2eeb5e3b26cb 2460 rdflib_4.1.2-3+deb8u1.dsc
 5699cab47a413a32a984e9691ad57960c184aa6e 894937 rdflib_4.1.2.orig.tar.gz
 7312a1ab29e27ac068bce9834d970c2f85a0fc73 27724 rdflib_4.1.2-3+deb8u1.debian.tar.xz
 a46f8c55a64585f486acc8ef2e562ef28f3eac7e 243828 python-rdflib_4.1.2-3+deb8u1_amd64.deb
 b684ac40575c5891d42043d47f63fd88d1ff8d29 242736 python3-rdflib_4.1.2-3+deb8u1_amd64.deb
 569d59326e3750c5dfdb4aef116db1b9845e0305 604178 python-rdflib-doc_4.1.2-3+deb8u1_all.deb
 97f7312629b9a767c8e73a77dd307b1c3fa7910b 24964 python-rdflib-tools_4.1.2-3+deb8u1_amd64.deb
Checksums-Sha256:
 52e4830336afae88607c933f4a772e3badc1d2a77f27e51b14d72c31079b5bf5 2460 rdflib_4.1.2-3+deb8u1.dsc
 58ee60b561076829578e16eb4a47606f56079f44669340f1ed88c0a5f37c5aea 894937 rdflib_4.1.2.orig.tar.gz
 201d73c09ff1ed9a591b79453386295d2baf4d75001cc9d0615e5c15dd7ec86c 27724 rdflib_4.1.2-3+deb8u1.debian.tar.xz
 6fcd37f95a03b228ec41984a63db781300b70b421deb30047875dda6157039fc 243828 python-rdflib_4.1.2-3+deb8u1_amd64.deb
 11773f578370889b11d43e09071fa3a6f031ed6e638cec4d67f9ea7c7b334c0b 242736 python3-rdflib_4.1.2-3+deb8u1_amd64.deb
 f3c8f69373f1e4d9d799a7215662cf7898f1b3863069cd620153e35218d1a231 604178 python-rdflib-doc_4.1.2-3+deb8u1_all.deb
 b109af8772f3ec37637959bb9d60b4accdf365d8c93a29e41ed5b137fc787474 24964 python-rdflib-tools_4.1.2-3+deb8u1_amd64.deb
Files:
 2786d4a9bbe9c99da5178006faa95744 2460 python optional rdflib_4.1.2-3+deb8u1.dsc
 5c284061f1f2a086b0782644afbaac59 894937 python optional rdflib_4.1.2.orig.tar.gz
 1f0af093698c2e66a38a069c53da27a8 27724 python optional rdflib_4.1.2-3+deb8u1.debian.tar.xz
 843ee3ead42541a9a892a75787b2fabd 243828 python optional python-rdflib_4.1.2-3+deb8u1_amd64.deb
 ff41ec60b58d04a59158a73dd2675035 242736 python optional python3-rdflib_4.1.2-3+deb8u1_amd64.deb
 ab61c5cc6593b020502f4b8cc840a85c 604178 doc optional python-rdflib-doc_4.1.2-3+deb8u1_all.deb
 d531afce23f65873014b5365072f6c9d 24964 python optional python-rdflib-tools_4.1.2-3+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEKpwfR8DOwu5vyB4TKpJZkldkSvoFAlyPOW0ACgkQKpJZkldk
SvrXkg/8Dqq2LLEc7JdQkL6Lre2Sr7KAwaLKASsq8z1D5S/FYAIWmTJuufVMWtUJ
HcBN50q5jiRGBAMulRRiaSQBtTv++zRYd0cgD77u1gBHCY7WY1fCur0uhpExnQVv
ngzXLoCMu8a0QWsRDI2pJIAFOPzTmiMCD4e1dHBK0jtXuASxb8ohHqVZozZ1js/l
xw21VoDmwKOQnEZxpoC04eUuy/RkMaB632JwchefeBIryVLcRbkI5FCdleZqaXt7
EsHhlwfwJ6mclW8IGKlswTp2dPcRwYeszf30mTpe1NeJBJV9U1UrYzuiduOY8ojs
z88W5+C8d0WHqbEwILAxEFY/z3jNoUOlS/4IFfN3JFl0/7uWxZRAnazJmEmTbxZj
/i8EclPg2p+Y3ciM4Gtx7dXE/2n3sb1k+6zK3jMl5rQuJaNk+SQIB+OKxp2hPDir
VlouFpRXmYxgUZB2szMub7rheYPsskCAVEGPd/drDDtutx9UJN8LkQgDJEWBCYoT
FffHJj5LeMvQjzFB7nJavT0ONiKd4x0bVEz24IsFykpRpnfFW+U1LeNJazH0GCFq
xaFMExJRako+frnaXHyg4rHur0QjAeZFiIaIcZwO4pC4qedpjjEtPr7y8fjNnviQ
HVSsse1e65TS7gqUi+byKbjR8XnPHOtr0FdGmMNE9iKTy03Jn3c=
=fIq/
-----END PGP SIGNATURE-----