Change log : python2.5 package : Ubuntu

2.5.2-2ubuntu6.2

Obsolete in hardy-updates on 2015-04-24

Obsolete in hardy-security on 2015-04-24

python2.5 (2.5.2-2ubuntu6.2) hardy-security; urgency=low

  * SECURITY UPDATE: optionally disallow setting sys.path when setting
    sys.argv
    - debian/patches/CVE-2008-5983.dpatch: add new C API function,
      PySys_SetArgvEx
    - CVE-2008-5983
  * SECURITY UPDATE: fix integer overflows in audioop module
    - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
      overflow checks
    - CVE-2010-1634
  * SECURITY UPDATE: fix DoS in audioop module
    - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
      is a multiple of the frame size
    - CVE-2010-2089
  * SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
    - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
      within the url properly before looking in cgi_directories.
    - CVE-2011-1015
  * SECURITY UPDATE: update urllib and urllib2 for invalid redirections
    - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
      http, https, and ftp
    - http://bugs.python.org/issue11662
    - CVE-2011-1521
  * SECURITY UPDATE: fix XSS in SimpleHTTPServer
    - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
      Content-type
    - CVE-2011-4940
  * SECURE UPDATE: http://bugs.python.org/issue13512
    - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
    - CVE-2011-4944
  * SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
    malformed POST request
    - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
      Lib/SimpleXMLRPCServer.py
    - CVE-2012-0845
  * SECURITY UPDATE: Denial of service via hash collisions
    - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Add random salt value
      to hash inputs in lib/xmlparse.c
    - CVE-2012-0876
  * SECURITY UPDATE: Denial of service via memory leak
    - debian.patches/CVE-2012-0876+CVE-2012-1148.dpatch: Properly reallocate
      memory in lib/xmlparse.c
    - CVE-2012-1148
  * SECURITY UPDATE: fix DoS in smtpd.py
    - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
      accept() when smtpd accepts new incoming connections
    - http://bugs.python.org/issue9129
    - CVE-2010-3493
 -- Jamie Strandboge <email address hidden>   Fri, 12 Oct 2012 09:03:09 -0500

Available diffs

diff from 2.5.2-2ubuntu6.1 to 2.5.2-2ubuntu6.2 (14.4 KiB)

2.5.5-11

Deleted in oneiric-release on 2011-05-05 (Reason: LP: #516932)

python2.5 (2.5.5-11) unstable; urgency=low

  * Fix multiple security issues in rgbimg module (CVE-2009-4134,
    CVE-2010-1449 CVE-2010-1450). Closes: #603162.

Available diffs

diff from 2.5.5-1ubuntu1 to 2.5.5-11 (2.9 MiB)

2.5.5-1ubuntu1

Deleted in lucid-release on 2010-03-10 (Reason: python 2.5 removal LP: #516932)

Superseded in lucid-release on 2010-02-10

python2.5 (2.5.5-1ubuntu1) lucid; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.
  * Regenerate the included documentation.

Available diffs

diff from 2.5.4-1ubuntu8 to 2.5.5-1ubuntu1 (5.3 MiB)

2.5.4-1ubuntu8

Superseded in lucid-release on 2010-01-31

python2.5 (2.5.4-1ubuntu8) lucid; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE-2009-3720.dpatch: update Modules/expat/xmltok_impl.c
      to not access beyond end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE-2009-3560.dpatch: update Modules/expat/xmlparse.c to
      properly recognize the end of a token
    - CVE-2009-3560
 -- Jamie Strandboge <email address hidden>   Wed, 20 Jan 2010 15:29:00 -0600

Available diffs

diff from 2.5.4-1ubuntu7 to 2.5.4-1ubuntu8 (1.3 KiB)

2.5.2-11.1ubuntu1.1

Obsolete in intrepid-updates on 2013-02-20

Obsolete in intrepid-security on 2013-02-20

python2.5 (2.5.2-11.1ubuntu1.1) intrepid-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE-2009-3720.dpatch: update Modules/expat/xmltok_impl.c
      to not access beyond end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE-2009-3560.dpatch: update Modules/expat/xmlparse.c to
      properly recognize the end of a token
    - CVE-2009-3560
 -- Jamie Strandboge <email address hidden>   Wed, 20 Jan 2010 08:22:50 -0600

Available diffs

diff from 2.5.2-11.1ubuntu1 (in Ubuntu) to 2.5.2-11.1ubuntu1.1 (1.3 KiB)

2.5.2-2ubuntu6.1

Superseded in hardy-updates on 2012-10-17

Superseded in hardy-security on 2012-10-17

python2.5 (2.5.2-2ubuntu6.1) hardy-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE-2009-3720.dpatch: update Modules/expat/xmltok_impl.c
      to not access beyond end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE-2009-3560.dpatch: update Modules/expat/xmlparse.c to
      properly recognize the end of a token
    - CVE-2009-3560
 -- Jamie Strandboge <email address hidden>   Wed, 20 Jan 2010 08:25:26 -0600

Available diffs

diff from 2.5.2-2ubuntu6 to 2.5.2-2ubuntu6.1 (1.3 KiB)

2.5.4-1ubuntu4.1

Obsolete in jaunty-updates on 2013-02-28

Obsolete in jaunty-security on 2013-02-28

python2.5 (2.5.4-1ubuntu4.1) jaunty-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE-2009-3720.dpatch: update Modules/expat/xmltok_impl.c
      to not access beyond end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE-2009-3560.dpatch: update Modules/expat/xmlparse.c to
      properly recognize the end of a token
    - CVE-2009-3560
 -- Jamie Strandboge <email address hidden>   Wed, 20 Jan 2010 08:21:05 -0600

Available diffs

diff from 2.5.4-1ubuntu4 (in Ubuntu) to 2.5.4-1ubuntu4.1 (1.4 KiB)

2.5.4-1ubuntu6.1

Obsolete in karmic-updates on 2013-03-04

Obsolete in karmic-security on 2013-03-04

python2.5 (2.5.4-1ubuntu6.1) karmic-security; urgency=low

  * SECURITY UPDATE: fix DoS via malformed XML
    - debian/patches/CVE-2009-3720.dpatch: update Modules/expat/xmltok_impl.c
      to not access beyond end of input string
    - CVE-2009-3720
  * SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
    - debian/patches/CVE-2009-3560.dpatch: update Modules/expat/xmlparse.c to
      properly recognize the end of a token
    - CVE-2009-3560
 -- Jamie Strandboge <email address hidden>   Tue, 19 Jan 2010 21:05:31 -0600

Available diffs

diff from 2.5.4-1ubuntu6 (in Ubuntu) to 2.5.4-1ubuntu6.1 (1.3 KiB)

2.5.4-1ubuntu7

Superseded in lucid-release on 2010-01-21

python2.5 (2.5.4-1ubuntu7) lucid; urgency=low

  * Build with emacs23.
 -- Colin Watson <email address hidden>   Fri, 27 Nov 2009 16:42:20 +0000

Available diffs

diff from 2.5.4-1ubuntu6 to 2.5.4-1ubuntu7 (1.4 KiB)

2.5.4-1ubuntu6

Superseded in lucid-release on 2009-11-27

Obsolete in karmic-release on 2013-03-04

python2.5 (2.5.4-1ubuntu6) karmic; urgency=low

  * Build-depend on libreadline-dev instead of libreadline5-dev.

 -- Matthias Klose <email address hidden>   Sat, 19 Sep 2009 23:23:29 +0200

Available diffs

diff from 2.5.4-1ubuntu5 to 2.5.4-1ubuntu6 (835 bytes)

2.5.4-1ubuntu5

Superseded in karmic-release on 2009-09-19

python2.5 (2.5.4-1ubuntu5) karmic; urgency=low

  * Fix the patch to curses to include some missing imports. (LP: #395321)

 -- Evan Broder <email address hidden>   Sun, 05 Jul 2009 20:58:57 -0400

Available diffs

diff from 2.5.4-1ubuntu4 to 2.5.4-1ubuntu5 (674 bytes)

2.5.2-2ubuntu6

Superseded in hardy-updates on 2010-01-21

Superseded in hardy-security on 2010-01-21

python2.5 (2.5.2-2ubuntu6) hardy-security; urgency=low

  * SECURITY UPDATE: arbitrary code execution via multiple integer
    overflows
    - debian/rules, debian/patches/CVE-2008-4864.dpatch: introduce new
      functions for size checks in Modules/imageop.c, introduce tests in
      Lib/test/test_imageop.py.
    - CVE-2008-4864
  * Increment release to -2ubuntu6 to supersede a package that was deleted
    from -proposed. This release does _not_ contain the -2ubuntu5 changes.

 -- Marc Deslauriers <email address hidden>   Mon, 20 Jul 2009 15:59:15 -0400

Available diffs

diff from 2.5.2-2ubuntu4 (in Ubuntu) to 2.5.2-2ubuntu6 (13.2 KiB)

2.5.4-1ubuntu4

Superseded in karmic-release on 2009-08-25

Obsolete in jaunty-release on 2013-02-28

python2.5 (2.5.4-1ubuntu4) jaunty; urgency=low

  * Fix issue #1651995, _convert_ref for non-ASCII characters. LP: #240929.
  * Fix issue #3845, in PyRun_SimpleFileExFlags avoid invalid memory access
    with short file names. LP: #234798.
  * Fix issue #1046, title endtag in HTMLCalender.formatyearpage().
    Closes: #513335.
  * Py_DECREF: Add `do { ... } while (0)' to avoid compiler warnings.
  * curses.initscr(): raise an error instead of calling exit() in error cases.
    Closes: #478817.
  * Fix comment macro in python manpage.

 -- Matthias Klose <email address hidden>   Sat, 04 Apr 2009 19:09:56 +0200

Available diffs

diff from 2.5.4-1ubuntu3 to 2.5.4-1ubuntu4 (3.6 KiB)

2.5.4-1ubuntu3

Superseded in jaunty-release on 2009-04-04

python2.5 (2.5.4-1ubuntu3) jaunty; urgency=low

  * Apply from the 2.5 release branch:
    - Issue #5389: Avoid potential for undefined variable 'startinpos' in
      PyUnicode_DecodeUTF7().
  * Re-add the locales build-dependency on sparc.
  * Backport fix for issue 4150 from the trunk. LP: #324708.
  * Use the information in /etc/lsb-release for platform.dist(). LP: #196526.

 -- Matthias Klose <email address hidden>   Wed, 18 Mar 2009 16:52:47 +0100

Available diffs

diff from 2.5.4-1ubuntu2 to 2.5.4-1ubuntu3 (2.7 KiB)

2.5.4-1ubuntu2

Superseded in jaunty-release on 2009-03-18

python2.5 (2.5.4-1ubuntu2) jaunty; urgency=low

  * Don't build-depend on locales on sparc (currently not installable), only
    needed by the testsuite.

 -- Matthias Klose <email address hidden>   Thu, 19 Feb 2009 12:58:47 +0100

Available diffs

diff from 2.5.4-1ubuntu1 to 2.5.4-1ubuntu2 (1.7 KiB)

2.5.4-1ubuntu1

Superseded in jaunty-release on 2009-02-19

python2.5 (2.5.4-1ubuntu1) jaunty; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.
  * Build-depend on libtk8.5-dev and libdb4.6-dev.

 -- Matthias Klose <email address hidden>   Thu, 19 Feb 2009 09:23:27 +0100

Available diffs

diff from 2.5.4-0ubuntu1 to 2.5.4-1ubuntu1 (1.2 KiB)

2.5.4-0ubuntu1

Superseded in jaunty-release on 2009-02-19

python2.5 (2.5.4-0ubuntu1) jaunty; urgency=low

  * New upstream version.
  * ctypes.util.find_library(): Determine the shared object name of a library
    using ldconfig only, only fall back to objdump/gcc if ldconfig fails.
    Raise exceptions if gcc or objdump cannot be found. Closes: #453287,
    LP: #211962.
    Packages needing binutils and/or gcc must explicitely depend on it.

 -- Matthias Klose <email address hidden>   Sun, 04 Jan 2009 22:31:15 +0100

Available diffs

diff from 2.5.3-0ubuntu1 to 2.5.4-0ubuntu1 (5.3 MiB)

2.5.3-0ubuntu1

Superseded in jaunty-release on 2009-01-05

python2.5 (2.5.3-0ubuntu1) jaunty; urgency=low

  * New upstream version.
  * Regenerate the included documentation.
  * Add an option --install-layout=deb, which is ignored for 2.5.

 -- Matthias Klose <email address hidden>   Sun, 21 Dec 2008 08:57:49 +0100

Available diffs

diff from 2.5.2-14ubuntu1 to 2.5.3-0ubuntu1 (5.4 MiB)

2.5.2-14ubuntu1

Superseded in jaunty-release on 2008-12-21

python2.5 (2.5.2-14ubuntu1) jaunty; urgency=low

  * Update to 20081122, taken from the 2.5 release branch.
  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

Available diffs

diff from 2.5.2-13ubuntu2 to 2.5.2-14ubuntu1 (5.3 MiB)

2.5.2-13ubuntu2

Superseded in jaunty-release on 2008-11-23

python2.5 (2.5.2-13ubuntu2) jaunty; urgency=low

  * No changed source rebuild for armel, which pulled in bad
    dependencies due to building again Debian sid binaries (LP: #300211)

 -- Michael Casadevall <email address hidden>   Thu, 20 Nov 2008 02:00:32 -0500

Available diffs

diff from 2.5.2-13ubuntu1 to 2.5.2-13ubuntu2 (369 bytes)

2.5.2-13ubuntu1

Superseded in jaunty-release on 2008-11-20

python2.5 (2.5.2-13ubuntu1) jaunty; urgency=low

  * Update to 20081004, taken from the 2.5 release branch.
  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

Available diffs

diff from 2.5.2-11.1ubuntu1 to 2.5.2-13ubuntu1 (1.3 KiB)

2.5.2-11.1ubuntu1

Superseded in jaunty-release on 2008-11-14

Obsolete in intrepid-release on 2013-02-20

python2.5 (2.5.2-11.1ubuntu1) intrepid; urgency=low

  * Update to 20081004, taken from the 2.5 release branch.
    - debian/patches/CVE-2008-2316: Remove, applied upstream.
    - debian/patches/CVE-2008-1679: Remove, applied upstream.
  * idle: Add version information to menu entry. LP: #209507.

Available diffs

diff from 2.5.2-11ubuntu3 to 2.5.2-11.1ubuntu1 (33.5 KiB)

2.5.2-11ubuntu3

Superseded in intrepid-release on 2008-10-05

python2.5 (2.5.2-11ubuntu3) intrepid; urgency=low

  * Remove really all instances of *_failed.so extensions. LP: #269918.

 -- Matthias Klose <email address hidden>   Sun, 14 Sep 2008 11:34:03 +0200

Available diffs

diff from 2.5.2-11ubuntu2 to 2.5.2-11ubuntu3 (539 bytes)

2.5.2-11ubuntu2

Superseded in intrepid-release on 2008-09-14

python2.5 (2.5.2-11ubuntu2) intrepid; urgency=low

  * debian/rules: Don't include extensions in the package, which failed
    to build and were renamed.

 -- Matthias Klose <email address hidden>   Sat, 13 Sep 2008 08:20:08 +0200

Available diffs

diff from 2.5.2-11ubuntu1 to 2.5.2-11ubuntu2 (567 bytes)

2.5.2-11ubuntu1

Superseded in intrepid-release on 2008-09-13

python2.5 (2.5.2-11ubuntu1) intrepid; urgency=low

  * Update to 20080912, taken from the 2.5 release branch.
    - debian/patches/subprocess-eintr-safety.dpatch: Update.
    - debian/patches/CVE-2007-4965.dpatch: Remove, applied upstream.
    - debian/patches/CVE-2008-2315.dpatch: Remove, applied upstream.
  * Update locale.locale_aliases from current X11 locale.alias.
    LP: #258635.

 -- Matthias Klose <email address hidden>   Fri, 12 Sep 2008 11:04:21 +0200

Available diffs

diff from 2.5.2-10ubuntu2 to 2.5.2-11ubuntu1 (5.3 MiB)

2.5.2-10ubuntu2

Superseded in intrepid-release on 2008-09-12

python2.5 (2.5.2-10ubuntu2) intrepid; urgency=low

  * Apply proposed fix for CVE-2008-2316, integer overflow in _hashopenssl.c.

 -- Matthias Klose <email address hidden>   Wed, 06 Aug 2008 07:32:55 +0000

Available diffs

diff from 2.5.2-10ubuntu1 to 2.5.2-10ubuntu2 (2.2 KiB)

2.5.2-2ubuntu4.1

Superseded in hardy-updates on 2009-07-23

Superseded in hardy-security on 2009-07-23

python2.5 (2.5.2-2ubuntu4.1) hardy-security; urgency=high

  * SECURITY UPDATE: arbitrary code execution via multiple integer overflows.
  * debian/rules, debian/patches/CVE-2008-3144.dpatch,
    debian/patches/CVE-2008-3142.dpatch, debian/patches/CVE-2008-2316.dpatch,
    debian/patches/CVE-2008-2315.dpatch: upstream fixes, thanks to
    Robert Buchholz.

 -- Kees Cook <email address hidden>   Wed, 30 Jul 2008 11:04:46 -0700

Available diffs

diff from 2.5.2-2ubuntu4 to 2.5.2-2ubuntu4.1 (10.2 KiB)

2.5.1-5ubuntu5.2

Obsolete in gutsy-updates on 2011-09-16

Obsolete in gutsy-security on 2011-09-16

python2.5 (2.5.1-5ubuntu5.2) gutsy-security; urgency=high

  * SECURITY UPDATE: arbitrary code execution via multiple integer overflows.
  * debian/rules, debian/patches/CVE-2008-1679.dpatch,
    debian/patches/CVE-2008-1721.dpatch, debian/patches/stringobject.dpatch:
    upstream fixes, thanks to Debian.
  * debian/rules, debian/patches/CVE-2008-3143.dpatch,
    debian/patches/CVE-2008-3142.dpatch, debian/patches/CVE-2008-2316.dpatch,
    debian/patches/CVE-2008-2315.dpatch, debian/patches/CVE-2008-3144.dpatch:
    upstream fixes, thanks to Robert Buchholz.
  * References
    CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315
    CVE-2008-2316 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144

 -- Kees Cook <email address hidden>   Tue, 29 Jul 2008 16:29:27 -0700

Available diffs

diff from 2.5.1-5ubuntu5.1 to 2.5.1-5ubuntu5.2 (19.9 KiB)

2.5.1-0ubuntu1.2

Obsolete in feisty-updates on 2009-08-20

Obsolete in feisty-security on 2009-08-20

python2.5 (2.5.1-0ubuntu1.2) feisty-security; urgency=high

  * SECURITY UPDATE: arbitrary code execution via multiple integer overflows.
  * debian/rules, debian/patches/CVE-2008-1679.dpatch,
    debian/patches/CVE-2008-1721.dpatch, debian/patches/stringobject.dpatch:
    upstream fixes, thanks to Debian.
  * debian/rules, debian/patches/CVE-2008-3143.dpatch,
    debian/patches/CVE-2008-3142.dpatch, debian/patches/CVE-2008-2316.dpatch,
    debian/patches/CVE-2008-2315.dpatch, debian/patches/CVE-2008-3144.dpatch:
    upstream fixes, thanks to Robert Buchholz.
  * References
    CVE-2008-1679 CVE-2008-1721 CVE-2008-1887 CVE-2008-2315
    CVE-2008-2316 CVE-2008-3142 CVE-2008-3143 CVE-2008-3144

 -- Kees Cook <email address hidden>   Tue, 29 Jul 2008 16:29:27 -0700

Available diffs

diff from 2.5.1-0ubuntu1.1 to 2.5.1-0ubuntu1.2 (19.9 KiB)

2.5.2-10ubuntu1

Superseded in intrepid-release on 2008-08-06

python2.5 (2.5.2-10ubuntu1) intrepid; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

Available diffs

diff from 2.5.2-7ubuntu2 to 2.5.2-10ubuntu1 (26.4 KiB)

2.5.2-7ubuntu2

Superseded in intrepid-release on 2008-08-01

python2.5 (2.5.2-7ubuntu2) intrepid; urgency=low

  * Re-add build dependency on sharutils, lost in last merge.

 -- Matthias Klose <email address hidden>   Sat, 28 Jun 2008 16:24:40 +0200

Available diffs

diff from 2.5.2-7ubuntu1 to 2.5.2-7ubuntu2 (827 bytes)

2.5.2-7ubuntu1

Superseded in intrepid-release on 2008-06-28

python2.5 (2.5.2-7ubuntu1) intrepid; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

Available diffs

diff from 2.5.2-5ubuntu1 to 2.5.2-7ubuntu1 (23.7 KiB)

2.5.2-5ubuntu1

Superseded in intrepid-release on 2008-06-25

python2.5 (2.5.2-5ubuntu1) intrepid; urgency=low

  * Merge with Debian; no new changes.

2.5.2-2ubuntu5

Deleted in hardy-proposed on 2008-06-30 (Reason: SRU rejection)

python2.5 (2.5.2-2ubuntu5) hardy-proposed; urgency=low

  * Allow setting BASECFLAGS, OPT and EXTRA_LDFLAGS (like, CC, CXX, CPP,
    CFLAGS, CPPFLAGS, CCSHARED, LDSHARED) from the environment. LP: #227686.

 -- Matthias Klose <email address hidden>   Wed, 07 May 2008 10:49:45 +0000

2.5.2-4ubuntu1

Superseded in intrepid-release on 2008-05-15

python2.5 (2.5.2-4ubuntu1) intrepid; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

2.5.2-2ubuntu4

Superseded in intrepid-release on 2008-04-30

Obsolete in hardy-release on 2015-04-24

python2.5 (2.5.2-2ubuntu4) hardy; urgency=low

  * Fix CVE-2008-1679, integer overflows in the imageop module.
  * Fix CVE-2008-1721, integer signedness error in the zlib extension module.
  * Fix issue 2587, PyString_FromStringAndSize() to be considered unsafe.
  * Fixes for issues (taken from the 2.5 branch):
    - Issue 2321: Reduce memory usage (increase the memory that is returned
      to the system) by using pymalloc for the data of unicode objects.
    - Issue 2515: _sqlite: Don't crash when trying to fetch data from a
      closed cursor.
    - Issue 2482:  Make sure that the coefficient of a Decimal instance
      is stored as a str instance rather than a unicode instance.
      Regression compared to 2.5.1.

 -- Matthias Klose <email address hidden>   Wed, 16 Apr 2008 22:45:12 +0200

2.5.2-2ubuntu3

Superseded in hardy-release on 2008-04-21

python2.5 (2.5.2-2ubuntu3) hardy; urgency=low

  * Fix urllib2 file descriptor happens byte-at-a-time, reverting
    a fix for excessively large memory allocations when calling .read()
    on a socket object wrapped with makefile(). LP: #214183.

 -- Matthias Klose <email address hidden>   Tue, 08 Apr 2008 23:27:23 +0200

2.5.2-2ubuntu2

Superseded in hardy-release on 2008-04-08

python2.5 (2.5.2-2ubuntu2) hardy; urgency=low

  * Build depend on libdb4.6-dev on amd64, i386, lpia; use libdb4.2-dev
    for all other architectures.
  * Backport new function signal.set_wakeup_fd from the trunk.
    Background: http://bugzilla.gnome.org/show_bug.cgi?id=481569
  * Regenerate the documentation.

 -- Matthias Klose <email address hidden>   Wed, 12 Mar 2008 12:06:48 +0000

2.5.1-5ubuntu5.1

Superseded in gutsy-updates on 2008-08-26

Superseded in gutsy-security on 2008-08-01

python2.5 (2.5.1-5ubuntu5.1) gutsy-security; urgency=low

  * SECURITY UPDATE: code execution via integer overflows.
  * debian/rules, debian/patches/CVE-2007-4965-int-overflow.dpatch: upstream
    changes, thanks to Stephan Hermann.
  * References
    http://bugs.python.org/file8592/python-2.5.CVE-2007-4965-int-overflow.patch
    CVE-2007-4965

 -- Kees Cook <email address hidden>   Thu, 06 Mar 2008 14:39:57 -0800

2.5.1-0ubuntu1.1

Superseded in feisty-updates on 2008-08-26

Superseded in feisty-security on 2008-08-01

python2.5 (2.5.1-0ubuntu1.1) feisty-security; urgency=low

  * SECURITY UPDATE: code execution via integer overflows
  * debian/rules, debian/patches/CVE-2007-4965-int-overflow.dpatch: upstream
    changes, thanks to Stephan Hermann.
  * References
    http://bugs.python.org/file8592/python-2.5.CVE-2007-4965-int-overflow.patch
    CVE-2007-4965

 -- Kees Cook <email address hidden>   Thu, 06 Mar 2008 15:01:27 -0800

2.5-2ubuntu2.1

Obsolete in edgy-updates on 2008-06-19

Obsolete in edgy-security on 2008-06-19

python2.5 (2.5-2ubuntu2.1) edgy-security; urgency=low

  * SECURITY UPDATE: code execution via integer overflows, information
    leak via strxfrm.
  * debian/rules, debian/patches/CVE-2007-4965-int-overflow.dpatch: upstream
    changes, thanks to Stephan Hermann.
  * debian/rules, debian/patches/strxfrm-leak.dpatch: upstream changes.
  * References
    http://bugs.python.org/file8592/python-2.5.CVE-2007-4965-int-overflow.patch
    CVE-2007-4965
    CVE-2007-2052

 -- Kees Cook <email address hidden>   Thu, 06 Mar 2008 15:01:27 -0800

2.5.2-2ubuntu1

Superseded in hardy-release on 2008-03-12

python2.5 (2.5.2-2ubuntu1) hardy; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

 -- Matthias Klose <email address hidden>   Sun, 09 Mar 2008 11:28:06 +0000

2.5.2-0ubuntu5

Superseded in hardy-release on 2008-03-09

python2.5 (2.5.2-0ubuntu5) hardy; urgency=low

  * Build-depend on libdb4.2-dev on all architectures; 4.6 is seriously
    broken when used with the _bsddb extension. LP: #196147.

 -- Matthias Klose <email address hidden>   Wed, 27 Feb 2008 18:33:53 +0100

2.5.2-0ubuntu4

Superseded in hardy-release on 2008-02-27

python2.5 (2.5.2-0ubuntu4) hardy; urgency=low

  * Move site.py to python2.4-minimal, remove `addbuilddir' from site.py,
    which is unnecessary for installed builds.

 -- Matthias Klose <email address hidden>   Tue, 26 Feb 2008 12:34:46 +0000

2.5.2-0ubuntu3

Superseded in hardy-release on 2008-02-26

python2.5 (2.5.2-0ubuntu3) hardy; urgency=low

  * Fix issue 961805, Tk Text.edit_modified() fails. LP: #84720.

 -- Matthias Klose <email address hidden>   Tue, 26 Feb 2008 12:27:11 +0100

2.5.2-0ubuntu2

Superseded in hardy-release on 2008-02-26

python2.5 (2.5.2-0ubuntu2) hardy; urgency=low

  * Unapply deb-setup patch before upload.

 -- Matthias Klose <email address hidden>   Tue, 26 Feb 2008 10:39:50 +0000

2.5.2-0ubuntu1

Superseded in hardy-release on 2008-02-26

python2.5 (2.5.2-0ubuntu1) hardy; urgency=low

  * New upstream bugfix version.
  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.
  * Move site customization into sitecustomize.py, don't make site.py
    a config file. Addresses: #309719, #413172, #457361.
  * python2.5-dev: Recommend libc-dev instead of suggesting it. LP: #164909.

2.5.1-6ubuntu1

Superseded in hardy-release on 2008-02-26

python2.5 (2.5.1-6ubuntu1) hardy; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

2.5.1-5ubuntu5

Superseded in hardy-release on 2008-01-03

Obsolete in gutsy-release on 2011-09-16

python2.5 (2.5.1-5ubuntu5) gutsy; urgency=low

  * Move developer related docs to the -dev package.

 -- Matthias Klose <email address hidden>   Fri, 05 Oct 2007 12:58:33 +0200

2.5.1-5ubuntu4

Superseded in gutsy-release on 2007-10-05

python2.5 (2.5.1-5ubuntu4) gutsy; urgency=low

  * Fix segfault in _ctypes module when configured with --with-system-ffi.
    LP: #72505.
  * Configure --with-system-ffi.
  * Enable running the testsuite.
  * Update to 20070929, taken from the 2.5 release branch.
  * Regenerate the documentation.

 -- Matthias Klose <email address hidden>   Sat, 29 Sep 2007 12:23:27 +0200

2.5.1-5ubuntu3

Superseded in gutsy-release on 2007-09-29

python2.5 (2.5.1-5ubuntu3) gutsy; urgency=low

  * Do not apply the db4.6 configuration patch.

 -- Matthias Klose <email address hidden>   Wed, 12 Sep 2007 00:51:03 +0200

2.5.1-5ubuntu2

Superseded in gutsy-release on 2007-09-12

python2.5 (2.5.1-5ubuntu2) gutsy; urgency=medium

  * Revert back to use db4.5 for the bsddb3 extension. The DB_HASH access
    method databases can lockup the process.
  * Update to 20070813, taken from the 2.5 release branch.

 -- Matthias Klose <email address hidden>   Tue, 11 Sep 2007 20:21:29 +0000

2.5.1-5ubuntu1

Superseded in gutsy-release on 2007-09-11

python2.5 (2.5.1-5ubuntu1) gutsy; urgency=low

  * Fix handling of packages in linecache.py (Kevin Goodsell). LP: #70902.
  * Bump debhelper to v5.

 -- Matthias Klose <email address hidden>   Fri, 17 Aug 2007 11:49:16 +0200

2.5.1-4ubuntu2

Superseded in gutsy-release on 2007-08-17

python2.5 (2.5.1-4ubuntu2) gutsy; urgency=low

  * Search for db4.6 header files. LP: #132580.

 -- Matthias Klose <email address hidden>   Wed, 15 Aug 2007 11:09:57 +0200

2.5.1-4ubuntu1

Superseded in gutsy-release on 2007-08-15

python2.5 (2.5.1-4ubuntu1) gutsy; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
  * Regenerate the documentation.

2.5.1-1ubuntu4

Superseded in gutsy-release on 2007-08-14

python2.5 (2.5.1-1ubuntu4) gutsy; urgency=low

  * Fix reference count for sys.pydebug variable. Closes LP: #124549.
  * Build depend on libbluetooth-dev instead of libbluetooth2-dev.
  * Include the docs in info format again. Closes LP: #116788.

 -- Matthias Klose <email address hidden>   Tue, 17 Jul 2007 13:52:03 +0200

2.5.1-1ubuntu3

Superseded in gutsy-release on 2007-07-17

python2.5 (2.5.1-1ubuntu3) gutsy; urgency=low

  * Update to 20070527, taken from the 2.5 release branch.
  * Regenerate the documentation.
  * Build-depend on texlive instead of tetex-*.

 -- Matthias Klose <email address hidden>   Sun, 27 May 2007 13:55:51 +0000

2.5.1-1ubuntu2

Superseded in gutsy-release on 2007-05-27

python2.5 (2.5.1-1ubuntu2) gutsy; urgency=low

  * Fix build dependency on gcc-4.1.

 -- Matthias Klose <email address hidden>   Thu, 26 Apr 2007 14:24:13 +0200

2.5.1-0ubuntu1

Superseded in feisty-updates on 2008-03-26

Deleted in feisty-proposed on 2008-03-30 (Reason: moved to -updates)

python2.5 (2.5.1-0ubuntu1) feisty-proposed; urgency=low

  * Python-2.5.1 release; changes compared to the release candidate:
    - SF #1701207: svnversion_init assertion failed; revert bogus asserts
      (added to the wrong place) from rev 52501.
    - Revert SF #1615701 (rev 53655): dict.update() does *not* call
      __getitem__() or keys() if subclassed.  This is to remain consistent
      with 2.5.
    - Revert 53667, bypass set specific optimizations for set and frozenset
      subclasses.  This is to remain consistent with 2.5.
    - Describe undocumented third argument to touchline()
  * Regenerate the documentation.

 -- Matthias Klose <email address hidden>   Wed, 18 Apr 2007 16:01:10 +0200

2.5.1-1ubuntu1

Superseded in gutsy-release on 2007-04-26

python2.5 (2.5.1-1ubuntu1) gutsy; urgency=low

  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build using tetex.

2.5.1~rc1-0ubuntu3

Superseded in gutsy-release on 2007-04-26

Obsolete in feisty-release on 2009-08-20

python2.5 (2.5.1~rc1-0ubuntu3) feisty; urgency=low

  * Use apport_python_hook instead of apport.python_hook to speedup
    the startup time of the interpreter. Ubuntu #105764.

 -- Matthias Klose <email address hidden>   Thu, 12 Apr 2007 12:27:43 +0200

2.5.1~rc1-0ubuntu2

Superseded in feisty-release on 2007-04-12

python2.5 (2.5.1~rc1-0ubuntu2) feisty; urgency=low

  * Reapply the change to Lib/plat-linux2/IN.py (lost in 2.5.1~rc1-0ubuntu1).

 -- Matthias Klose <email address hidden>   Fri,  6 Apr 2007 19:27:54 +0200

2.5.1~rc1-0ubuntu1

Superseded in feisty-release on 2007-04-06

python2.5 (2.5.1~rc1-0ubuntu1) feisty; urgency=low

  * Update to the 2.5.1 release candidate 1.

 -- Matthias Klose <email address hidden>   Fri,  6 Apr 2007 12:30:34 +0200

2.5-5ubuntu11

Superseded in feisty-release on 2007-04-06

python2.5 (2.5-5ubuntu11) feisty; urgency=low

  * Update to 20070327, taken from the 2.5 release branch.
    - documentation fixes.
    - Fix return type for PySequence_{Count,Index,Fast_GET_SIZE}.
    - Fix #1675967: re patterns pickled with older Python versions can
      now be unpickled. Ubuntu #74773.
    - Fix bug #1684254: webbrowser now uses shlex to split any command lines
      given to get().
    - Fix a TypeError while unpacking an iterable is no longer masked
      by a generic one with the message "unpack non-sequence".
    - Fix an error/crash when encountering syntax errors in complex
      if statements.
    - Fix #931877, preventing a segfault in object_reduce_ex() by splitting
      the implementation for __reduce__ and __reduce_ex__ into two separate
      functions.
    - The wave module now closes a file object it opened if initialization
      failed.
    - Don't modify __slots__ tuple if it contains an unicode name. Remove a
      reference leak that happened if the name could not be converted
      to string.
    - Fix #767111, a long-standing bug in urllib which caused an
      AttributeError instead of an IOError when the server's response didn't
      contain a valid HTTP status line.
    - Fix #1622896, a rare corner case where the bz2 module raised an
      error in spite of a succesful compression.
    - Support Unicode strings in
      email.message.Message.{set_charset,get_content_charset}.
    - Fix #1569798, a bug in distutils when building Python from a directory
      within sys.exec_prefix. Remove the Ubuntu fix.
    - Fix #742342; make Python stop segfaulting on infinitely-recursive
      reload()s.
    - Fix pdb's "ignore" and "condition" commands so they trap the IndexError
      caused by passing in an invalid breakpoint number.
    - remove unreachable code from type.__new__() method.
      __dict__ and __weakref__ are removed from the slots tuple earlier
      in the code, in the loop that mangles slot names.
    - Fix #1531963; make SocketServer.TCPServer's server_address always be
      equal to calling getsockname() on the server's socket.
    - Fix #1651235; when a tuple was passed to a ctypes function call,
      Python would crash instead of raising an error.
    - Fix #1646630: ctypes.string_at(buf, 0) and ctypes.wstring_at(buf, 0)
      returned string up to the first NUL character.
    - Fix #1637850: make_table in difflib did not work with unicode.
    - Fix #1676321: empty() returned wrong result.
  * python-dbg: After trying to load a foo_d.so or foomodule_d.so extension,
    try again using the unmodified name. The import will fail, if the extension
    is not built with Py_DEBUG, but it better integrates with third party
    archives (suggested by David Abrahams, Boost).

 -- Matthias Klose <email address hidden>   Thu, 29 Mar 2007 10:11:56 +0200

2.5-5ubuntu10

Superseded in feisty-release on 2007-03-29

python2.5 (2.5-5ubuntu10) feisty; urgency=low

  * Add debian/patches/subprocess-eintr-safety.dpatch:
    - Create and use wrappers around read(), write(), and os.waitpid() in the
      subprocess module which retry the operation on an EINTR (which happens
      if e. g. an alarm was raised while the system call was in progress). It is
      incredibly hard and inconvenient to sensibly handle this in
      applications, so let's fix this at the right level.
    - Patch based on original proposal of Peter Åstrand in
      http://sourceforge.net/tracker/index.php?func=detail&aid=1068268&group_id=5470&atid=105470
    - Add two test cases.
    - (LP: #87292)
  * debian/rules: Apply above patch.

 -- Martin Pitt <email address hidden>   Thu, 15 Mar 2007 09:20:37 +0100

2.5-5ubuntu9

Superseded in feisty-release on 2007-03-15

python2.5 (2.5-5ubuntu9) feisty; urgency=medium

  * Update to 20070307, taken from the 2.5 release branch.
  * Remove debug output from maintainer scripts.
  * Include the codecs and stringprep modules and all encodings except
    the multibyte encodings and the bz2 codec into the -minimal package.

 -- Matthias Klose <email address hidden>   Wed,  7 Mar 2007 16:24:30 +0100

2.5-5ubuntu8

Superseded in feisty-release on 2007-03-07

python2.5 (2.5-5ubuntu8) feisty; urgency=low

  * Update to 20070305, taken from the 2.5 release branch:
    - Prevent crash when trying to print an unraisable error
      from a string exception.
    - Properly discard third argument to slot_nb_inplace_power.
    - Fix crash in exec if Unicode filename can't be decoded.
  * Regenerate the documentation.
  * Keep the module version in the .egg-info name, only remove the
    python version.
  * When trying to import the profile and pstats modules, don't
    exit, add a hint to the exception pointing to the python-profiler
    package, don't exit.

 -- Matthias Klose <email address hidden>   Mon,  5 Mar 2007 11:19:35 +0100

2.5-5ubuntu7

Superseded in feisty-release on 2007-03-05

python2.5 (2.5-5ubuntu7) feisty; urgency=low

  * Build depend on automake1.9.

 -- Matthias Klose <email address hidden>   Fri, 16 Feb 2007 18:49:01 +0100

2.5-5ubuntu6

Superseded in feisty-release on 2007-02-16

python2.5 (2.5-5ubuntu6) feisty; urgency=low

  * Update to 20070216, taken from the 2.5 release branch.
  * Regenerate the documentation.
  * Fix import of old style extensions in debug mode.
  * python2.5-dbg: Install Misc/SpecialBuilds.txt, document the
    debug changes in README.debug.
  * Move pyconfig.h from the python2.5-dev into the python2.5 package.
  * Do not install anymore outdated debhelper sample scripts.
  * Set Ubuntu maintainer address.

 -- Matthias Klose <email address hidden>   Fri, 16 Feb 2007 16:10:49 +0100

2.5-5ubuntu5

Superseded in feisty-release on 2007-02-16

python2.5 (2.5-5ubuntu5) feisty; urgency=low

  * Update to 20070205, taken from the 2.5 release branch.
  * Regenerate the documentation.
  * Change the interpreter to build and install python extensions
    built with the python-dbg interpreter with a different name into
    the same path (by appending `_d' to the extension name).
  * Do not encode the module version and python version into the
    .egg-info name.

 -- Matthias Klose <email address hidden>   Mon,  5 Feb 2007 01:55:05 +0100

2.5-5ubuntu4

Superseded in feisty-release on 2007-02-05

python2.5 (2.5-5ubuntu4) feisty; urgency=low

  * python2.5-minimal: Remove the dependency on python-minimal,
    not needed for Ubuntu. Ubuntu 79085.

 -- Matthias Klose <email address hidden>   Mon, 15 Jan 2007 16:43:54 +0000

2.5-5ubuntu3

Superseded in feisty-release on 2007-01-15

python2.5 (2.5-5ubuntu3) feisty; urgency=low

  * config/Makefile: Properly set the CXX macro.
  * Move config/config.c into the python2.5 package; needed to
    build pure python modules.

 -- Matthias Klose <email address hidden>   Mon, 15 Jan 2007 10:49:06 +0000

2.5-5ubuntu2

Superseded in feisty-release on 2007-01-15

python2.5 (2.5-5ubuntu2) feisty; urgency=low

  * Update to 20070111, taken from the 2.5 release branch.
  * Regenerate the documentation.

 -- Matthias Klose <email address hidden>   Thu, 11 Jan 2007 15:18:44 +0000

2.5-5ubuntu1

Superseded in feisty-release on 2007-01-12

python2.5 (2.5-5ubuntu1) feisty; urgency=low

  * site.py: Add apport hook. Ubuntu #70957.

2.5-2ubuntu3

Superseded in feisty-release on 2006-12-13

python2.5 (2.5-2ubuntu3) feisty; urgency=low

  * Rebuild for ldbl128 change on powerpc and sparc.

 -- Matthias Klose <email address hidden>   Thu,  2 Nov 2006 10:01:14 +0000

Ubuntu
python2.5 package

Change log for python2.5 package in Ubuntu

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Ubuntupython2.5 package

Change log for python2.5 package in Ubuntu

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Available diffs

Ubuntu
python2.5 package