Ubuntu

“python2.4” 2.4.5-1ubuntu4.4 source package in Ubuntu

Changelog

python2.4 (2.4.5-1ubuntu4.4) hardy-security; urgency=low

  * SECURITY UPDATE: optionally disallow setting sys.path when setting
    sys.argv
    - debian/patches/CVE-2008-5983.dpatch: add new C API function,
      PySys_SetArgvEx
    - CVE-2008-5983
  * SECURITY UPDATE: fix integer overflows in audioop module
    - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
      overflow checks
    - CVE-2010-1634
  * SECURITY UPDATE: fix DoS in audioop module
    - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
      is a multiple of the frame size
    - CVE-2010-2089
  * SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
    - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
      within the url properly before looking in cgi_directories.
    - CVE-2011-1015
  * SECURITY UPDATE: update urllib and urllib2 for invalid redirections
    - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
      http, https, and ftp
    - http://bugs.python.org/issue11662
    - CVE-2011-1521
  * SECURITY UPDATE: fix XSS in SimpleHTTPServer
    - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
      Content-type
    - CVE-2011-4940
  * SECURE UPDATE: http://bugs.python.org/issue13512
    - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
    - CVE-2011-4944
  * SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
    malformed POST request
    - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
      Lib/SimpleXMLRPCServer.py
    - CVE-2012-0845
  * SECURITY UPDATE: Denial of service via hash collisions
    - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Add random salt value
      to hash inputs in lib/xmlparse.c
    - CVE-2012-0876
  * SECURITY UPDATE: Denial of service via memory leak
    - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Properly reallocate
      memory in lib/xmlparse.c
    - CVE-2012-1148
  * SECURITY UPDATE: fix DoS in smtpd.py
    - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
      accept() when smtpd accepts new incoming connections
    - http://bugs.python.org/issue9129
    - CVE-2010-3493
  * debian/patches/testsuite-linux3.dpatch: adjust testsuite for linux3
 -- Jamie Strandboge <email address hidden>   Mon, 15 Oct 2012 16:57:31 -0500

Upload details

Uploaded by:
Jamie Strandboge on 2012-10-16
Uploaded to:
Hardy
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
python
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Hardy updates on 2012-10-17 main python
Hardy security on 2012-10-17 main python

Downloads

File Size MD5 Checksum
python2.4_2.4.5.orig.tar.gz 9.1 MiB 9a615c6868074f60872084ecd240de3e
python2.4_2.4.5-1ubuntu4.4.diff.gz 2.6 MiB 08b678efeb48d94e26382deb40a827b5
python2.4_2.4.5-1ubuntu4.4.dsc 2.0 KiB e6cf583f7f7005a4344ddfd107e45cdb

Binary packages built by this source

idle-python2.4: An IDE for Python (v2.4) using Tkinter

 IDLE is an Integrated Development Environment for Python (v2.4).
 IDLE is written using Tkinter and therefore quite platform-independent.

python2.4: An interactive high-level object-oriented language (version 2.4)

 Version 2.4 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.4-dbg: Debug Build of the Python Interpreter (version 2.4)

 Python interpreter configured with --pydebug. Dynamically loaded modules are
 searched in /usr/lib/python2.4/lib-dynload/debug first.

python2.4-dev: Header files and a static library for Python (v2.4)

 Header files, a static library and development tools for building
 Python (v2.4) modules, extending the Python interpreter or embedding
 Python (v2.4) in applications.
 .
 Maintainers of Python packages should read README.maintainers.

python2.4-doc: Documentation for the high-level object-oriented language Python (v2.4)

 These is the official set of documentation for the interactive high-level
 object-oriented language Python (v2.4). All documents are provided
 in HTML format, some in info format. The package consists of ten documents:
 .
   * What's New in Python2.4
   * Tutorial
   * Python Library Reference
   * Macintosh Module Reference
   * Python Language Reference
   * Extending and Embedding Python
   * Python/C API Reference
   * Installing Python Modules
   * Documenting Python
   * Distributing Python Modules

python2.4-examples: Examples for the Python language (v2.4)

 Examples, Demos and Tools for Python (v2.4). These are files included in
 the upstream Python distribution (v2.4).

python2.4-minimal: A minimal subset of the Python language (version 2.4)

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.4-minimal/README.Debian for a list of the modules
 contained in this package.