| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 01_avoid_call_to_pypi.patch | Avoid the call for python-magic to PyPi. The Build-Dependency relatorio >=0.7 contains a code copy of python-magic[pypi]. . This patch is subject to be removed, once python-magic from pypi (or an equivalent alternative) is available. Relevant discussions: https://lists.debian.org/debian-python/2017/09/msg00008.html https://lists.debian.org/debian-python/2017/09/msg00015.html https://lists.debian.org/debian-python/2017/10/msg00021.html |
Mathias Behrle <mathiasb@m9s.biz> | not-needed | debian | 2017-11-06 | |
| 02_enforce_record_rules.patch | Enforce record rules when only reading fields without an SQL type. This patch fixes the information disclosure leak when reading from function fields with record rules https://discuss.tryton.org/t/security-release-for-issue-12428/6397 |
Cdric Krier <cedric.krier@b2ck.com> | yes | upstream |