Package: python-pip / 1.5.6-5

Metadata

Package Version Patches format
python-pip 1.5.6-5 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
de vendorize.patch | (download)

pip.egg-info/SOURCES.txt | 152 1 + 151 - 0 !
pip/baseparser.py | 1 0 + 1 - 0 !
pip/commands/freeze.py | 2 1 + 1 - 0 !
pip/commands/search.py | 2 1 + 1 - 0 !
pip/commands/show.py | 2 1 + 1 - 0 !
pip/download.py | 14 7 + 7 - 0 !
pip/index.py | 4 2 + 2 - 0 !
pip/log.py | 2 1 + 1 - 0 !
pip/req.py | 2 1 + 1 - 0 !
pip/util.py | 4 2 + 2 - 0 !
pip/wheel.py | 5 2 + 3 - 0 !
setup.py | 3 0 + 3 - 0 !
12 files changed, 19 insertions(+), 174 deletions(-)

 use debian packages instead of vendorized versions.
use wheels.patch | (download)

pip/__init__.py | 63 63 + 0 - 0 !
setup.py | 8 7 + 1 - 0 !
2 files changed, 70 insertions(+), 1 deletion(-)

 we need to add all the recursively devendorized dependent wheels
 to sys.path so that they can be imported.  These wheel files live in
better error message.patch | (download)

pip/commands/wheel.py | 6 5 + 1 - 0 !
1 file changed, 5 insertions(+), 1 deletion(-)

 provide a better, debian-specific error message when someone
 tries to run the `pip wheel` command before installing the necessary package.
random install dir.patch | (download)

pip/cmdoptions.py | 8 3 + 5 - 0 !
pip/commands/install.py | 142 77 + 65 - 0 !
pip/commands/wheel.py | 116 60 + 56 - 0 !
pip/util.py | 33 33 + 0 - 0 !
4 files changed, 173 insertions(+), 126 deletions(-)

 use randomized install directory
 python-pip (1.5.6-4) UNRELEASED; urgency=medium
 .
   * Team upload.
   * Backport upstream fix to use non-predictable download directories
     - Fixes denial of service vector (CVE-2014-8991) (Closes: #725847)
     - Fixes retry failures (Closes: #769930)
no touch system files.patch | (download)

pip/req.py | 13 11 + 2 - 0 !
pip/util.py | 38 28 + 10 - 0 !
2 files changed, 39 insertions(+), 12 deletions(-)

 [patch 2/2] fix error message for is_local in the non-virtualenv case
.
While not committed upstream, the patch author has submitted it and it is
being reviewed.  Upstream did provide positive feedback for inclusion in
Debian.