-
python-pip (20.0.2-5ubuntu1.10) focal-security; urgency=medium
* No-change rebuild for urllib3 update.
-- Jorge Sancho Larraz <email address hidden> Thu, 09 Nov 2023 09:23:25 +0100
-
python-pip (20.0.2-5ubuntu1.9) focal-security; urgency=medium
* No-change rebuild for requests update.
-- Marc Deslauriers <email address hidden> Mon, 05 Jun 2023 14:20:19 -0400
-
python-pip (20.0.2-5ubuntu1.8) focal-security; urgency=medium
* SECURITY UPDATE: ReDOS in wheel.py
- debian/patches/CVE-2022-40898.patch: Fix potential DoS attack
via wheel_file_re by restricting matching dash and dot characters
in src/pip/_internal/models/wheel.py.
- CVE-2022-40898
-- David Fernandez Gonzalez <email address hidden> Tue, 28 Feb 2023 10:41:12 +0100
-
python-pip (20.0.2-5ubuntu1.7) focal-security; urgency=medium
* No-change rebuild due to wheel and setuptools update.
-- David Fernandez Gonzalez <email address hidden> Tue, 24 Jan 2023 10:31:49 +0100
-
python-pip (20.0.2-5ubuntu1.6) focal; urgency=medium
* Update debundle.patch so pypy uses base_prefix as well, fixing pypy
virtualenvs. (LP: #1935882)
-- Stefano Rivera <email address hidden> Mon, 12 Jul 2021 23:11:28 -0400
-
python-pip (20.0.2-5ubuntu1.5) focal-security; urgency=medium
* Security: Don't split git references on unicode separators. (LP: #1926957)
-- Stefano Rivera <email address hidden> Wed, 12 May 2021 21:04:29 -0400
-
python-pip (20.0.2-5ubuntu1.4) focal; urgency=medium
* Look for pip config /etc (LP: #1914239)
* Provide the pip binary again (LP: #1927865)
-- Stefano Rivera <email address hidden> Sun, 09 May 2021 12:50:53 -0400
-
python-pip (20.0.2-5ubuntu1.3) focal; urgency=medium
* Add Breaks: python3-virtualenv (<< 20.0.17-1ubuntu0.3) to python-pip-whl,
which bumps the seed-app-data version. Our LP: #1880749 change broke
existing seed-app-data caches.
python-pip (20.0.2-5ubuntu1.2) focal; urgency=medium
* Switch from vendoring pytoml to toml, following pep517's dependency.
(LP: #1880749)
* Use sys.base_prefix instead of sys.prefix in debundle.patch. Back-ported
from 20.1-1 to allow virtualenvs to avoid needing to install pip's
dependencies in new venvs. (LP: #1904945)
-- Stefano Rivera <email address hidden> Fri, 26 Feb 2021 18:38:56 -0800
-
python-pip (20.0.2-5ubuntu1.2) focal; urgency=medium
* Switch from vendoring pytoml to toml, following pep517's dependency.
(LP: #1880749)
* Use sys.base_prefix instead of sys.prefix in debundle.patch. Back-ported
from 20.1-1 to allow virtualenvs to avoid needing to install pip's
dependencies in new venvs. (LP: #1904945)
-- Stefano Rivera <email address hidden> Mon, 25 Jan 2021 22:36:55 -0700
-
python-pip (20.0.2-5ubuntu1.1) focal-security; urgency=medium
* No change rebuild to pull in security fixes for urllib3
-- Marc Deslauriers <email address hidden> Fri, 02 Oct 2020 06:58:39 -0400
-
python-pip (20.0.2-5ubuntu1) focal; urgency=medium
* In python-pip-whl: Use setuptools 44 from our python 2 stack, for now.
This is a hack for focal, to keep Python 2 compatibility for virtualenv.
In the future, virtualenv will probably have to download wheels for
python 2.
-- Stefano Rivera <email address hidden> Tue, 21 Apr 2020 08:21:38 -0700
-
python-pip (20.0.2-5) unstable; urgency=medium
[ Stefano Rivera ]
* Team Upload.
[ Scott Kitterman ]
* Add pkg-resources to pip freeze 'DEV_PKGS' so this Debian unique system
wheel does not show up when pip freeze is run (Closes: #871790)
* Add lintian overrides for source-contains-prebuilt-windows-binary to
document why these are acceptable for Debian
[ Stefano Rivera ]
* Include python3-ipaddr in the wheel bundle for Python 2.7 virtualenvs.
* Declare Rules-Requires-Root: no
* Correctly determine the location of the wheels under PyPy.
(Closes: #945187)
-- Stefano Rivera <email address hidden> Mon, 20 Apr 2020 12:59:57 -0700
-
python-pip (20.0.2-4) unstable; urgency=medium
* Patch command/list.py to round trip versions through string and back to
versions to work around pip/setuptools incompatibility (Closes: #912379)
- Add debian/patches/commands_list_version_workaround.patch
* Switch python3-all build-depend to python3 to work around #955632 (Closes:
#955624)
* Set python-pip-whl to be Multi-Arch: foreign as suggested by the
Multi-Arch hinter
* Drop ancient python-pip-whl Breaks/Replaces
- No longer needed since replaced packages were last in oldoldstable
* Switch back to using system pep517 to create a wheel for pip now that
pep517 is zip safe
* Make dh_python3 call verbose so we see more in the build logs
* Clean up redundant Recommends for python3-pip
* Remove obsolete needs-recommends restriction from d/tests/control
-- Scott Kitterman <email address hidden> Fri, 03 Apr 2020 14:51:05 -0400
-
python-pip (20.0.2-2) unstable; urgency=medium
* Team upload
* Update autopkgtests
- Drop python2 tests
- Use python3 -m pip vice pip3 (it's the future)
-- Scott Kitterman <email address hidden> Tue, 17 Mar 2020 17:35:18 -0400
-
python-pip (18.1-5ubuntu1) focal; urgency=medium
* Use python2 in the pip scripts.
-- Matthias Klose <email address hidden> Tue, 14 Jan 2020 12:08:35 +0100
-
python-pip (18.1-5build1) focal; urgency=medium
* No-change rebuild to generate dependencies on python2.
-- Matthias Klose <email address hidden> Tue, 17 Dec 2019 12:43:51 +0000
-
python-pip (18.1-5) unstable; urgency=medium
* Team upload.
* Refresh hands-off-system-packages.patch.
* Add Properly_catch_requests_HTTPError_in_index.py.patch: this fixes 404
when using --extra-index-url due to the way we de-bundle python-requests
from pip. Thanks to Fabio Natali <email address hidden> for the bug report,
Clark Boylan for the patch, and all of the OpenStack infra team for their
help and involving me for this fix (Closes: #837764).
-- Thomas Goirand <email address hidden> Sat, 30 Mar 2019 21:10:13 +0100
