-
pyyaml (5.3.1-3ubuntu1) hirsute; urgency=medium
* SECURITY UPDATE: FullLoader arbitrary code execution
- debian/patches/CVE-2020-14343.patch: move a few constructors from
full_load to unsafe_load in lib/yaml/constructor.py,
lib3/yaml/constructor.py, tests/lib/test_recursive.py,
tests/lib3/test_recursive.py.
- CVE-2020-14343
-- Marc Deslauriers <email address hidden> Mon, 12 Apr 2021 09:24:50 -0400
-
pyyaml (5.3.1-3build1) hirsute; urgency=medium
* No-change rebuild to drop python3.8 extensions.
-- Matthias Klose <email address hidden> Mon, 07 Dec 2020 18:21:23 +0100
-
pyyaml (5.3.1-3) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Update Maintainer field with new Debian Python Team
contact address.
* d/control: Update Vcs-* fields with new Debian Python Team Salsa
layout.
[ Michael Hudson-Doyle ]
* d/tests/control: Add python3-all to Depends:.
* d/control: Add myself to Uploaders.
-- Michael Hudson-Doyle <email address hidden> Fri, 23 Oct 2020 12:33:33 +1300
-
pyyaml (5.3.1-2build1) hirsute; urgency=medium
* No-change rebuild to build with python3.9 as supported.
-- Matthias Klose <email address hidden> Sat, 24 Oct 2020 13:18:49 +0200
-
pyyaml (5.3.1-2) unstable; urgency=medium
* Drop support for python2 (Closes: #938309)
* Delete obsolete README.source
* Replace autopkgtest-pkg-python with running the actual upstream test suite
* Set Multi-Arch allowed for python3-yaml (Closes: #918804)
* Patch upstream test system to make test failures fatal (Closes: #918893)
* Delete ancient version constraints in Build-Depends for python3-all-dev
and libyaml-dev
-- Scott Kitterman <email address hidden> Wed, 15 Apr 2020 11:13:39 -0400