python2.6 2.6.5-1ubuntu6.1 source package in Ubuntu


python2.6 (2.6.5-1ubuntu6.1) lucid-security; urgency=low

  * SECURITY UPDATE: fix hash randomization DoS
    - debian/patches/CVE-2012-1150.dpatch: add -R command-line option and
      PYTHONHASHSEED environment variable, to provide an opt-in way to protect
      against denial of service attacks due to hash collisions within the dict
      and set types.
    - CVE-2012-1150
  * SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
    malformed POST request
    - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
    - CVE-2012-0845
    - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
    - CVE-2011-4944
  * SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
    - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
      within the url properly before looking in cgi_directories.
    - CVE-2011-1015
  * SECURITY UPDATE: fix XSS in SimpleHTTPServer
    - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
    - CVE-2011-4940
  * SECURITY UPDATE: update urllib and urllib2 for invalid redirections
    - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
      http, https, and ftp
    - CVE-2011-1521
    - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
      accept() when smtpd accepts new incoming connections
    - CVE-2010-3493
  * SECURITY UPDATE: fix DoS in audioop module
    - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
      is a multiple of the frame size
    - CVE-2010-2089
  * SECURITY UPDATE: fix integer overflows in audioop module
    - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
      overflow checks
    - CVE-2010-1634
  * SECURITY UPDATE: optionally disallow setting sys.path when setting
    - debian/patches/CVE-2008-5983.dpatch: add new C API function,
    - CVE-2008-5983
 -- Jamie Strandboge <email address hidden>   Fri, 28 Sep 2012 07:32:40 -0500

Upload details

Uploaded by:
Jamie Strandboge on 2012-10-01
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size SHA-256 Checksum
python2.6_2.6.5.orig.tar.gz 12.7 MiB 992eb74360bd73cee21e77d96e8d864cc6c5e3bff15b4e4eac87d24224a5cc4e
python2.6_2.6.5-1ubuntu6.1.diff.gz 267.0 KiB 90b73c440fb98ba06b2496e3961c5d0ad057aabc5032556d222d71c26aef807e
python2.6_2.6.5-1ubuntu6.1.dsc 2.4 KiB a38ee133e5a93c51c493397aeb0d804f8d5fd5bc168e95865620518ac9722868

View changes file

Binary packages built by this source

idle-python2.6: An IDE for Python (v2.6) using Tkinter

 IDLE is an Integrated Development Environment for Python (v2.6).
 IDLE is written using Tkinter and therefore quite platform-independent.

libpython2.6: Shared Python runtime library (version 2.6)

 Version 2.6 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

python2.6: An interactive high-level object-oriented language (version 2.6)

 Version 2.6 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.6-dbg: Debug Build of the Python Interpreter (version 2.6)

 Python interpreter configured with --pydebug. Dynamically loaded modules are
 searched in /usr/lib/python2.6/lib-dynload/debug first.

python2.6-dev: Header files and a static library for Python (v2.6)

 Header files, a static library and development tools for building
 Python (v2.6) modules, extending the Python interpreter or embedding
 Python (v2.6) in applications.
 Maintainers of Python packages should read README.maintainers.

python2.6-doc: Documentation for the high-level object-oriented language Python (v2.6)

 These is the official set of documentation for the interactive high-level
 object-oriented language Python (v2.6). All documents are provided
 in HTML format. The package consists of ten documents:
   * What's New in Python2.6
   * Tutorial
   * Python Library Reference
   * Macintosh Module Reference
   * Python Language Reference
   * Extending and Embedding Python
   * Python/C API Reference
   * Installing Python Modules
   * Documenting Python
   * Distributing Python Modules

python2.6-examples: Examples for the Python language (v2.6)

 Examples, Demos and Tools for Python (v2.6). These are files included in
 the upstream Python distribution (v2.6).

python2.6-minimal: A minimal subset of the Python language (version 2.6)

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.6-minimal/README.Debian for a list of the modules
 contained in this package.