0008667: python3-sqlalchemy (sqlalchemy) Version Discrepency - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0008667	Kali Linux	Tool Upgrade Request	public	2024-03-13 15:31	2024-03-18 16:41

Reporter	Arszilla	Assigned To	sbrun
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	assigned	Resolution	open

Summary	0008667: python3-sqlalchemy (sqlalchemy) Version Discrepency
Description	While packaging NetExec (https://bugs.kali.org/view.php?id=8533) for release, I have noticed that the version of `sqlalchemy`/`python3-sqlalchemy` is `1.4.50+ds1-1` - coming from Debian upstream. However, when I checked https://pkg.kali.org and investigated the matter further, I noticed that the version of `sqlalchemy` from Debian is `2.0.19+ds1-1`, updated 7 months ago. I have also observed that the version in Kali (`1.4.50+ds1-1`) is non-existent according to the `changelog` As a result, I have a few questions: Why is there a version discrepancy between the changelogs? Has Kali re-packaged `sqlalchemy`? Why is the version in Kali outdated, despite the package being available in Kali from Debian upstream? Since `netexec` requires `python3-sqlalchemy` version `2.0.4` or higher, is there any way of upgrading this package to the current one from Debian? Thanks in advance!

sbrun 2024-03-15 08:24 manager ~0019027 Last edited: 2024-03-15 08:32	Let me try to answer `2. Why is the version in Kali outdated, despite the package being available in Kali from Debian upstream?` kali-rolling is based on Debian Testing. The version in testing is 1.4.50+ds1-1 that's why we have this version in Kali. The version 2.0.19+ds1-1 in only in Debian Experimental (https://tracker.debian.org/pkg/sqlalchemy) `1. Why is there a version discrepancy between the changelogs? Has Kali re-packaged sqlalchemy?` The version in Debian experimental has been uploaded a long time ago, the new upstream release 1.4.50 didn't exist. It has been released after (upstream maintenance). That's why the debian/changelog does not mention the version 1.4.50. The maintainer uploaded it in experimental because it's used by a lot of packages and an update will probably break some of them. `3. Since netexec requires python3-sqlalchemy version 2.0.4 or higher, is there any way of upgrading this package to the current one from Debian?` We are dependent on the Debian Python Team: If we import the new version in Kali, we will probably break a lot of packages and we don't have the resources to check and fix them all in Kali. FTR the Debian Python Team is working on the Python 3.12 migration, and the version 1.4 is broken with Python 3.12 so maybe they will work on the update of sqlalchemy quickly. We have other updates / packages blocked by this old version of sqlalchemy. I'm not sure if we can find a work around while waiting for the update on the Debian side.

Arszilla 2024-03-15 12:17 reporter ~0019030	Would you like me to raise a bug ticket with Debian to get the Debian Python Team to see if they can make this happen? If not, I will speak with the NetExec devs and see if they can lower their `sqlalchemy` version to what Kali has for the time being.

sbrun 2024-03-15 14:51 manager ~0019033	FYI There is already a bug asking for the update: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030164 And the last message about the update on the mailing list is here: https://lists.debian.org/debian-python/2024/02/msg00043.html

Arszilla 2024-03-16 18:29 reporter ~0019044	Ah great, thanks for sharing that Sophie. Thanks for the insight as well - I totally overlooked the `experimental` tag. You can close the ticket if you'd like :)

Date Modified	Username	Field	Change
2024-03-13 15:31	Arszilla	New Issue
2024-03-14 20:24	Gamb1t	Assigned To	=> arnaudr
2024-03-14 20:24	Gamb1t	Status	new => assigned
2024-03-15 08:03	sbrun	Assigned To	arnaudr => sbrun
2024-03-15 08:24	sbrun	Note Added: 0019027
2024-03-15 08:32	arnaudr	Note Edited: 0019027
2024-03-15 12:17	Arszilla	Note Added: 0019030
2024-03-15 14:51	sbrun	Note Added: 0019033
2024-03-16 18:29	Arszilla	Note Added: 0019044