Bug#901373: marked as done (Cannot disable reference to html5shiv-printshiv.min.js in --standalone HTML output)
Your message dated Tue, 12 Jun 2018 14:41:20 +0000
with message-id <E1fSkU4-0004Oo-2p@fasolo.debian.org>
and subject line Bug#901373: fixed in pandoc 2.2.1-2
has caused the Debian Bug report #901373,
regarding Cannot disable reference to html5shiv-printshiv.min.js in --standalone HTML output
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
901373: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901373
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: pandoc
Version: 2.2.1-1
Severity: normal
Control: affects -1 elpa-ebib
Dear maintainer,
When pandoc builds --standalone HTML output, it includes a reference to
an online copy of html5shiv-printshiv.min.js. For a Debian package
build-depending on pandoc to generate HTML documentation, there are two
problems with this
- it could be considered a privacy violation
- it might violate the conditions for inclusion in the main archive, if
we don't have the source for the minified JavaScript in there
somewhere.
So it should be possible to disable inclusion of this reference.
Lintian detects the problem:
W: elpa-ebib: privacy-breach-generic usr/share/doc/elpa-ebib/ebib-manual.html [<script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv-printshiv.min.js">] (//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv-printshiv.min.js)
Thanks.
--
Sean Whitton
--- End Message ---
--- Begin Message ---
- To: 901373-close@bugs.debian.org
- Subject: Bug#901373: fixed in pandoc 2.2.1-2
- From: Jonas Smedegaard <dr@jones.dk>
- Date: Tue, 12 Jun 2018 14:41:20 +0000
- Message-id: <E1fSkU4-0004Oo-2p@fasolo.debian.org>
Source: pandoc
Source-Version: 2.2.1-2
We believe that the bug you reported is fixed in the latest version of
pandoc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 901373@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonas Smedegaard <dr@jones.dk> (supplier of updated pandoc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 12 Jun 2018 15:33:38 +0200
Source: pandoc
Binary: pandoc pandoc-data libghc-pandoc-dev libghc-pandoc-doc libghc-pandoc-prof
Architecture: source
Version: 2.2.1-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Haskell Group <debian-haskell@lists.debian.org>
Changed-By: Jonas Smedegaard <dr@jones.dk>
Description:
libghc-pandoc-dev - general markup converter - libraries
libghc-pandoc-doc - general markup converter - library documentation
libghc-pandoc-prof - general markup converter - profiling libraries
pandoc - general markup converter
pandoc-data - general markup converter - data files
Closes: 901373
Changes:
pandoc (2.2.1-2) unstable; urgency=medium
.
* Fix potential privacy breaches in templates:
+ Add patch 2001 to replace CDN URLs with local paths.
+ Add README.Debian note about Debian packaging favoring locally
installed resources over network resources for so-called
standalone documents.
+ Add TODO note about slidy format needing privacy breach fix.
+ Suggest packages libjs-mathjax node-katex, and mention their use
in long description.
Closes: Bug#901373. Thanks to Sean Whitton.
* Mark binary package pandoc-data as Multi-Arch: foreign.
Checksums-Sha1:
5155ff6ca2f9b17e8bd506b0a87e8a92622ffc45 6176 pandoc_2.2.1-2.dsc
9184e639ee631dab5ccb3ce3f8be7bb40f28f740 49108 pandoc_2.2.1-2.debian.tar.xz
9bf47d51633e8d53e2cd63df042c474e9294a74e 17668 pandoc_2.2.1-2_amd64.buildinfo
Checksums-Sha256:
82a3c9f0d282fea822e0b8a7fa0408f14f3a044a7e9fef96d81b50cce7b952b0 6176 pandoc_2.2.1-2.dsc
005a6edace0ada7e0d3ee87336a6601793d376bb73c1eeb2ee02de185907bccf 49108 pandoc_2.2.1-2.debian.tar.xz
61e0ec4ac6efa25a1252c6b1f169c8ba23e834239057bc36a2a9887edc5b6de3 17668 pandoc_2.2.1-2_amd64.buildinfo
Files:
dc00eab1ed4075e26aef948db5da4887 6176 text optional pandoc_2.2.1-2.dsc
dca06c3167cfc56c5dac58621444bd29 49108 text optional pandoc_2.2.1-2.debian.tar.xz
1f6b7055bbc3439796fe5d92961eb91d 17668 text optional pandoc_2.2.1-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAlsf0LUACgkQLHwxRsGg
ASG8NA//S4upJ8zu1zaz/qfzSh9a0uKEzjEoJSjFSCxlR5wAPkoogY9UUN0Lwd+E
uFhluDYH3pcKwoBLFhSVIKUi0dGtQy3IlEUn34aj9CGGyrMZCnCU+X3yZt7+agAC
1e/FvwXtERd5pDJAUpXoTgZJGuY3/J0Wgw8+kR4Xi+jPu/HtlO6AQZ+yR003xyi7
dW/EVLNdEYuvRc60UUmLWPhrpQ5P8o4DK9fqtmNpv2jOe3iUs4eFFfZidI50ojQ/
zoUQ5Ted9BuwfqkmreO/Hb+BxSX6m5xLeZJleXGe/WcisxGlBCWauuYtcCiW200C
8PYPGafn5uFYBS7rh8f6EUtPh6LTj4B3AfnWfFLOi8mKlSWV7zw756gzgS9drRI+
TexGHcODojxByHaRNdnqM68PIwOSPsbu5B7JOMxKhj0Aqf4ZKa9sIxkaRvIIEQjV
coCr8r+WtQmJfOEhJOuhE1hsgBdBBjxybyefR/5mM1OOpGscUyWLpSQZF/aExNgt
13R/e8tE4+Re59CrqqSE9o2FkJ22q8mHoeMZGlHwc8G2Nz6Kr6VpZc8BFwnmjR14
CUiZ6PtMA71DhJZZsGFWN5B4q25q1WoVmEO+ACD3ZDFtW75UYQAYh+lFPiVIMcCS
Q9GvewuISMO5hjMNE3HSnLgtPh9GhWVvzdyQi9x3NKU5u5ass8k=
=qt02
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: