[MIR] python-pip
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-pip (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Availability: universe
Rationale: pip is a build-dep of tox. Tox is newly MIR'd as a build-dep of system-image which is seeded in Ubuntu Touch. See LP: #1367016 for the tox MIR.
Security: pip has had two CVEs: CVE-2013-1888 and CVE-2013-1629 which are fixed with the version in Ubuntu. pip has had a few security issues in the past, but it actively maintained upstream, in Debian, and Ubuntu, as it is a core package for Python development. Recent changes have made it much more secure over all.
QA: Very well maintained and tested upstream, in Debian, in Ubuntu.
UI standards: n/a
Dependencies: Run-time on distlib and python-colorama, B-D on python-virtualenv. All MIRs in progress.
Standards compliance: no known issues.
Maintenance: no known issues.
Oops, LP: #1349832 was already open for all packages in this stack, so I'm just re-opening them and duping this.