python2.7 2.7.16-2ubuntu0.1 source package in Ubuntu
Changelog
python2.7 (2.7.16-2ubuntu0.1) disco-security; urgency=medium
* SECURITY UPDATE: incorrect cookie domain check
- debian/patches/CVE-2018-20852.patch: prefix dot in domain for proper
subdomain validation in Lib/cookielib.py, Lib/test/test_cookielib.py.
- CVE-2018-20852
* SECURITY UPDATE: HTTP header injection
- debian/patches/CVE-2019-9740.patch: disallow control chars in http
URLs in Lib/httplib.py, Lib/test/test_urllib.py,
Lib/test/test_urllib2.py, Lib/test/test_xmlrpc.py.
- CVE-2019-9740
- CVE-2019-9947
* SECURITY UPDATE: incomplete fix for CVE-2019-9636
- debian/patches/CVE-2019-10160-1.patch: fix handling of
pre-normalization characters in urlsplit() in
Lib/test/test_urlparse.py, Lib/urlparse.py.
- debian/patches/CVE-2019-10160-2.patch: correct fix to handle
decomposition in usernames in Lib/test/test_urlparse.py,
Lib/urlparse.py.
- debian/patches/CVE-2019-10160-3.patch: fix urlparse.urlsplit() error
message for Unicode URL in Lib/test/test_urlparse.py,
Lib/urlparse.py.
- CVE-2019-10160
* debian/patches/issue36216-2.diff: only print test messages when verbose
in Lib/test/test_urlparse.py.
* debian/patches/issue9146.diff: fix FIPS mode environments where MD5
isn't available in Modules/_hashopenssl.c. (LP: #1835135)
-- Marc Deslauriers <email address hidden> Tue, 09 Jul 2019 12:43:02 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Disco
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python2.7_2.7.16.orig.tar.gz | 16.6 MiB | 01da813a3600876f03f46db11cc5c408175e99f03af2ba942ef324389a83bad5 |
| python2.7_2.7.16-2ubuntu0.1.diff.gz | 289.5 KiB | 81f33557788aff712b33f92b553de25bafe2eb870aabd905cba6ab279e2d4f0c |
| python2.7_2.7.16-2ubuntu0.1.dsc | 3.4 KiB | f489993dfef80a98e6887e9b229bef8179a1c81092477d93decd5a97cea349d4 |
Available diffs
Binary packages built by this source
- idle-python2.7: No summary available for idle-python2.7 in ubuntu disco.
No description available for idle-python2.7 in ubuntu disco.
- libpython2.7: No summary available for libpython2.7 in ubuntu disco.
No description available for libpython2.7 in ubuntu disco.
- libpython2.7-dbg: No summary available for libpython2.7-dbg in ubuntu disco.
No description available for libpython2.7-dbg in ubuntu disco.
- libpython2.7-dev: No summary available for libpython2.7-dev in ubuntu disco.
No description available for libpython2.7-dev in ubuntu disco.
- libpython2.7-minimal: No summary available for libpython2.7-minimal in ubuntu disco.
No description available for libpython2.
7-minimal in ubuntu disco.
- libpython2.7-stdlib: No summary available for libpython2.7-stdlib in ubuntu disco.
No description available for libpython2.7-stdlib in ubuntu disco.
- libpython2.7-testsuite: No summary available for libpython2.7-testsuite in ubuntu disco.
No description available for libpython2.
7-testsuite in ubuntu disco.
- python2.7: No summary available for python2.7 in ubuntu disco.
No description available for python2.7 in ubuntu disco.
- python2.7-dbg: No summary available for python2.7-dbg in ubuntu disco.
No description available for python2.7-dbg in ubuntu disco.
- python2.7-dev: No summary available for python2.7-dev in ubuntu disco.
No description available for python2.7-dev in ubuntu disco.
- python2.7-doc: No summary available for python2.7-doc in ubuntu disco.
No description available for python2.7-doc in ubuntu disco.
- python2.7-examples: No summary available for python2.7-examples in ubuntu disco.
No description available for python2.7-examples in ubuntu disco.
- python2.7-minimal: No summary available for python2.7-minimal in ubuntu disco.
No description available for python2.7-minimal in ubuntu disco.
