python2.7 2.7.15-4ubuntu4~18.04.1 source package in Ubuntu
Changelog
python2.7 (2.7.15-4ubuntu4~18.04.1) bionic-security; urgency=medium * SECURITY UPDATE: incorrect cookie domain check - debian/patches/CVE-2018-20852.patch: prefix dot in domain for proper subdomain validation in Lib/cookielib.py, Lib/test/test_cookielib.py. - CVE-2018-20852 * SECURITY UPDATE: NULL pointer dereference via X509 certificate - debian/patches/CVE-2019-5010.patch: fix segfault in ssl cert parser in Lib/test/talos-2019-0758.pem, Lib/test/test_ssl.py, Modules/_ssl.c. - CVE-2019-5010 * SECURITY UPDATE: improper handling of unicode encoding - debian/patches/CVE-2019-9636-1.patch: add check for characters in netloc that normalize to separators in Doc/library/urlparse.rst, Lib/test/test_urlparse.py, Lib/urlparse.py. - debian/patches/CVE-2019-9636-2.patch: only print test messages when verbose in Lib/test/test_urlparse.py. - CVE-2019-9636 * SECURITY UPDATE: HTTP header injection - debian/patches/CVE-2019-9740.patch: disallow control chars in http URLs in Lib/httplib.py, Lib/test/test_urllib.py, Lib/test/test_urllib2.py, Lib/test/test_xmlrpc.py. - CVE-2019-9740 - CVE-2019-9947 * SECURITY UPDATE: urllib support the local_file: scheme - debian/patches/CVE-2019-9948.patch: disallow file reading in Lib/urllib.py, Lib/test/test_urllib.py. - CVE-2019-9948 * SECURITY UPDATE: incomplete fix for CVE-2019-9636 - debian/patches/CVE-2019-10160-1.patch: fix handling of pre-normalization characters in urlsplit() in Lib/test/test_urlparse.py, Lib/urlparse.py. - debian/patches/CVE-2019-10160-2.patch: correct fix to handle decomposition in usernames in Lib/test/test_urlparse.py, Lib/urlparse.py. - debian/patches/CVE-2019-10160-3.patch: fix urlparse.urlsplit() error message for Unicode URL in Lib/test/test_urlparse.py, Lib/urlparse.py. - CVE-2019-10160 * debian/patches/issue9146.diff: fix FIPS mode environments where MD5 isn't available in Modules/_hashopenssl.c. (LP: #1835135) -- Marc Deslauriers <email address hidden> Tue, 09 Jul 2019 12:51:35 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python2.7_2.7.15.orig.tar.gz | 16.7 MiB | 18617d1f15a380a919d517630a9cd85ce17ea602f9bbdc58ddc672df4b0239db |
python2.7_2.7.15-4ubuntu4~18.04.1.diff.gz | 542.4 KiB | 57262f5d8281a7e41f7a9f3e0f3f000c4fe2b6de4c832dd0ee877794b05ade6b |
python2.7_2.7.15-4ubuntu4~18.04.1.dsc | 3.4 KiB | 680399ad4fa59c5ab097f1546c159440d602df7bac2837208f4978a3a63ca979 |
Available diffs
- diff from 2.7.15-4ubuntu4~18.04 (in ~ci-train-ppa-service/ubuntu/3540-deletedppa) to 2.7.15-4ubuntu4~18.04.1 (12.5 KiB)
- diff from 2.7.15~rc1-1ubuntu0.2 to 2.7.15-4ubuntu4~18.04.1 (pending)
Binary packages built by this source
- idle-python2.7: IDE for Python (v2.7) using Tkinter
IDLE is an Integrated Development Environment for Python (v2.7).
IDLE is written using Tkinter and therefore quite platform-independent.
- libpython2.7: Shared Python runtime library (version 2.7)
Python is a high-level, interactive, object-oriented language. Its 2.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains the shared runtime library, normally not needed
for programs using the statically linked interpreter.
- libpython2.7-dbg: Debug Build of the Python Interpreter (version 2.7)
The package holds two things:
.
- Extensions for a Python interpreter configured with --pydebug.
- Debug information for standard python extensions.
.
See the README.debug for more information.
- libpython2.7-dev: Header files and a static library for Python (v2.7)
Header files, a static library and development tools for building
Python (v2.7) modules, extending the Python interpreter or embedding
Python (v2.7) in applications.
.
Maintainers of Python packages should read README.maintainers.
.
This package contains development files. It is normally not
used on it's own, but as a dependency of python2.7-dev.
- libpython2.7-minimal: Minimal subset of the Python language (version 2.7)
This package contains some essential modules. It is normally not
used on it's own, but as a dependency of python2.7-minimal.
- libpython2.7-stdlib: Interactive high-level object-oriented language (standard library, version 2.7)
Python is a high-level, interactive, object-oriented language. Its 2.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains Python 2.7's standard library. It is normally not
used on its own, but as a dependency of python2.7.
- libpython2.7-testsuite: Testsuite for the Python standard library (v2.7)
The complete testsuite for the Python standard library. Note that
a subset is found in the libpython2.7-stdlib package, which should
be enough for other packages to use (please do not build-depend
on this package, but file a bug report to include additional
testsuite files in the libpython2.7-stdlib package).
- python2.7: Interactive high-level object-oriented language (version 2.7)
Python is a high-level, interactive, object-oriented language. Its 2.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
- python2.7-dbg: Debug Build of the Python Interpreter (version 2.7)
The package holds two things:
.
- A Python interpreter configured with --pydebug. Dynamically loaded modules
are searched as <foo>_d.so first. Third party extensions need a separate
build to be used by this interpreter.
- Debug information for standard python interpreter and extensions.
.
See the README.debug for more information.
- python2.7-dev: Header files and a static library for Python (v2.7)
Header files, a static library and development tools for building
Python (v2.7) modules, extending the Python interpreter or embedding
Python (v2.7) in applications.
.
Maintainers of Python packages should read README.maintainers.
- python2.7-doc: Documentation for the high-level object-oriented language Python (v2.7)
These is the official set of documentation for the interactive high-level
object-oriented language Python (v2.7). All documents are provided
in HTML format. The package consists of ten documents:
.
* What's New in Python2.7
* Tutorial
* Python Library Reference
* Macintosh Module Reference
* Python Language Reference
* Extending and Embedding Python
* Python/C API Reference
* Installing Python Modules
* Documenting Python
* Distributing Python Modules
- python2.7-examples: Examples for the Python language (v2.7)
Examples, Demos and Tools for Python (v2.7). These are files included in
the upstream Python distribution (v2.7).
- python2.7-minimal: Minimal subset of the Python language (version 2.7)
This package contains the interpreter and some essential modules. It can
be used in the boot process for some basic tasks.
See /usr/share/doc/python2. 7-minimal/ README. Debian for a list of the modules
contained in this package.