Package: setuptools | Debian Sources

Package: setuptools / 66.1.1-1+deb12u2

Metadata

Package	Version	Patches format
setuptools	66.1.1-1+deb12u2	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
install layout.diff \| (download)	setuptools/command/easy_install.py \| 58 54 + 4 - 0 ! setuptools/command/install_egg_info.py \| 19 18 + 1 - 0 ! 2 files changed, 72 insertions(+), 5 deletions(-)	---
multiarch extname.diff \| (download)	setuptools/command/easy_install.py \| 4 4 + 0 - 0 ! setuptools/command/install_lib.py \| 26 26 + 0 - 0 ! 2 files changed, 30 insertions(+)	---
no sphinx rst.linker.diff \| (download)	docs/conf.py \| 3 2 + 1 - 0 ! 1 file changed, 2 insertions(+), 1 deletion(-)	---
fix changes link.diff \| (download)	docs/history.rst \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
no SOURCES.txt in egg ingo.diff \| (download)	setuptools/command/install_egg_info.py \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	---
reproducible.diff \| (download)	setuptools/command/easy_install.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
sorted requires.diff \| (download)	setuptools/command/egg_info.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
PKG INFO output reproducible.diff \| (download)	setuptools/dist.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
no sidebar.diff \| (download)	docs/Makefile \| 75 75 + 0 - 0 ! 1 file changed, 75 insertions(+)	---
no sphinx inline tabs.diff \| (download)	docs/conf.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
no sphinx towncrier.diff \| (download)	docs/conf.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
no sphinx jaraco tidelift.diff \| (download)	docs/conf.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
sphinx theme.diff \| (download)	docs/conf.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
no sphinx custom icons.diff \| (download)	docs/conf.py \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
no sphinx hoverxref.diff \| (download)	docs/conf.py \| 13 0 + 13 - 0 ! 1 file changed, 13 deletions(-)	---
CVE 2024 6345.patch \| (download)	setuptools/package_index.py \| 145 80 + 65 - 0 ! setuptools/tests/test_packageindex.py \| 34 20 + 14 - 0 ! 2 files changed, 100 insertions(+), 79 deletions(-)	[patch 01/10] .. [patch 10/10] modernize package_index vcs handling The issue is a possible remote code execution by supplying malicious URLs in a package index or via the command line. The issue boils down to unsafe use of os.system. Because easy_install and package_index are deprecated, the attack surface is smaller, but it's conceivable through social engineering or minor compromise to a package index could grant remote access. The fix was released in v70.0.0.
CVE 2025 47273.patch \| (download)	setuptools/package_index.py \| 4 4 + 0 - 0 ! 1 file changed, 4 insertions(+)	---

1