Your message dated Thu, 29 Aug 2019 17:08:29 +0000 with message-id <e1i3nup-000gok...@fasolo.debian.org> and subject line Bug#933922: fixed in salt 2018.3.4+dfsg1-7 has caused the Debian Bug report #933922, regarding src:salt: Unsafe use of yaml.load() to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 933922: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933922 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: src:salt Version: 2018.3.4+dfsg1-6 Severity: grave Tags: security Justification: user security hole The new version of pyyaml no longer allows use of yaml.load() without a loader being specifed. This raises a deprecation warning which has caused and autopkgtest failure on this package. These are generally trivial to fix, see the upstream guidance [1]. Scott K [1] https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation
--- End Message ---
--- Begin Message ---Source: salt Source-Version: 2018.3.4+dfsg1-7 We believe that the bug you reported is fixed in the latest version of salt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 933...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Benjamin Drung <benjamin.dr...@cloud.ionos.com> (supplier of updated salt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 29 Aug 2019 18:26:56 +0200 Source: salt Architecture: source Version: 2018.3.4+dfsg1-7 Distribution: unstable Urgency: medium Maintainer: Debian Salt Team <pkg-salt-t...@lists.alioth.debian.org> Changed-By: Benjamin Drung <benjamin.dr...@cloud.ionos.com> Closes: 933922 Changes: salt (2018.3.4+dfsg1-7) unstable; urgency=medium . * doc: Set script type explicitly to text/javascript * Use jquery.js from sphinx * Symlink vendor JavaScript files before building * Use dh_sphinxdoc * Fix various spelling mistakes * Fix salt to work with python3-yaml 5.1.2-1 (Closes: #933922): - Set default_flow_style=None in yaml.dump calls - Fix yamldumper test for both py2/py3 * Bump Standards-Version to 4.4.0 (no changes needed) * Switch to debhelper 12 * Add missing Pre-Depends on ${misc:Pre-Depends} Checksums-Sha1: 5c2a59a119bcb00a65e4955a6a38966f55e586e3 4066 salt_2018.3.4+dfsg1-7.dsc 0d106e97e0a0cf10e5c6ffe4621d59b21a1efff7 103404 salt_2018.3.4+dfsg1-7.debian.tar.xz dc2d3526e585dce88a9ab9dbaa23bc6b0ed4dee3 13302 salt_2018.3.4+dfsg1-7_source.buildinfo Checksums-Sha256: 49201b11cf7f433d9e7c89f5d2e9ba7233c8c5b475611ecc047ca4ea1fb6e8d2 4066 salt_2018.3.4+dfsg1-7.dsc 82c97432f0e17a7acc7b6ee9b0dc5a5e598699c19581934d615a0e3659317792 103404 salt_2018.3.4+dfsg1-7.debian.tar.xz f453ebfe10573bf1f28d563ce9f1ae43b242a60fcdc506b3fd6940d97d006223 13302 salt_2018.3.4+dfsg1-7_source.buildinfo Files: 3cefbe274509639efa66bbf3ad1b4323 4066 admin optional salt_2018.3.4+dfsg1-7.dsc c8bd45e3d96836ab2de75092cd0912ce 103404 admin optional salt_2018.3.4+dfsg1-7.debian.tar.xz 2856bc378c29e8f3e72220e4d08c05e7 13302 admin optional salt_2018.3.4+dfsg1-7_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE5/q3CzlQJ15towl13YzVpd6MfnoFAl1n/pQACgkQ3YzVpd6M fnoKTQ/8Cmi5AnOHpfhAQdwQ05JMVCvQHm3fPvP0WoJ2kn4/L22Fz2wudbddIWev dKobiRUcxv+qdGFvWNCBUDjQoQ+ox/fqaTzG5/LaYWwQICPtkEUgPOFThFD+JUGh ax0p1UCk8tLarLn/Fji5mWUD+1iqcDcIgQZyR4htnkWCA4R2F8vYlm1/7u2f0uqG QLxilScQdTt4wB4FhCOZAb5Q1s6bF5cEFUvhckqy2leeNdzzAQcxPnelcDY0YnP2 JNXJfmGqP4QrcOCctHQJaIh8OOgPRUXoszHN3EATXE1Z55tDydxhdHpx+klsMEX4 HFXXPsLXtNTYtKm2T4Cxl6nrlLpYGxWijVoVq4bhZ+wdxOdhVDRa7yyoHDixn8aI 7tvjug7Bzuejk7lWoERRAGZTvdl3bq63k9Ec/mcjvwiiTEBKZnoFANLcDUXOGoQ5 lCUlQQjoyr4WVr76c2E5MYgo90CQyjVaGEjRPA2jJiJbiupQZPckuqdFX+ORpwbP 8adqX5Jh+K/5uLkkFRgTAeu1jBH+oLpEbEgLc99+E5RQD5PdVN552FdwQCu9CJKq PkK2N7R8fYCVnwJCJQAhdwk2FNLba8BEw1vGMmGqJfQ9yvD4giz1mgqfuO3yAiFG spIcTV3iOP0y1ktVQq927xdG/wgO/o7grChMLwC91CcTQU0jjyI= =j53j -----END PGP SIGNATURE-----
--- End Message ---
