python2.6 2.6.5-1ubuntu6.1 source package in Ubuntu


python2.6 (2.6.5-1ubuntu6.1) lucid-security; urgency=low

  * SECURITY UPDATE: fix hash randomization DoS
    - debian/patches/CVE-2012-1150.dpatch: add -R command-line option and
      PYTHONHASHSEED environment variable, to provide an opt-in way to protect
      against denial of service attacks due to hash collisions within the dict
      and set types.
    - CVE-2012-1150
  * SECURITY UPDATE: xmlrpc: Fix an endless loop in SimpleXMLRPCServer upon
    malformed POST request
    - debian/patches/CVE-2012-0845.dpatch: break if don't receive EOF in
    - CVE-2012-0845
    - debian/patches/CVE-2011-4944.dpatch: create ~/.pypirc securely
    - CVE-2011-4944
  * SECURITY UPDATE: Fix CGIHTTPServer information disclosure.
    - debian/patches/CVE-2011-1015.dpatch: Relative paths are now collapsed
      within the url properly before looking in cgi_directories.
    - CVE-2011-1015
  * SECURITY UPDATE: fix XSS in SimpleHTTPServer
    - debian/patches/CVE-2011-4940.dpatch: add a charset parameter to the
    - CVE-2011-4940
  * SECURITY UPDATE: update urllib and urllib2 for invalid redirections
    - debian/patches/CVE-2011-1521.dpatch: only process Location headers for
      http, https, and ftp
    - CVE-2011-1521
    - debian/patches/CVE-2010-3493.dpatch: adds proper error handling on
      accept() when smtpd accepts new incoming connections
    - CVE-2010-3493
  * SECURITY UPDATE: fix DoS in audioop module
    - debian/patches/CVE-2010-2089.dpatch: ensure that the input string length
      is a multiple of the frame size
    - CVE-2010-2089
  * SECURITY UPDATE: fix integer overflows in audioop module
    - debian/patches/CVE-2010-1634.dpatch: Fix incorrect and UB-inducing
      overflow checks
    - CVE-2010-1634
  * SECURITY UPDATE: optionally disallow setting sys.path when setting
    - debian/patches/CVE-2008-5983.dpatch: add new C API function,
    - CVE-2008-5983
 -- Jamie Strandboge <email address hidden>   Fri, 28 Sep 2012 07:32:40 -0500

Upload details

Uploaded by:
Jamie Strandboge on 2012-10-01
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section


File Size MD5 Checksum
python2.6_2.6.5.orig.tar.gz 12.7 MiB adee6dc2752f1b172e3f3ff6cab483e4
python2.6_2.6.5-1ubuntu6.1.diff.gz 267.0 KiB 7262ca5f135411b45be3e06ebd37b399
python2.6_2.6.5-1ubuntu6.1.dsc 2.4 KiB 0c5dd74a8e3edf540404d6ee8f9d3495

View changes file

Binary packages built by this source

idle-python2.6: An IDE for Python (v2.6) using Tkinter

 IDLE is an Integrated Development Environment for Python (v2.6).
 IDLE is written using Tkinter and therefore quite platform-independent.

libpython2.6: Shared Python runtime library (version 2.6)

 Version 2.6 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

python2.6: An interactive high-level object-oriented language (version 2.6)

 Version 2.6 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.6-dbg: Debug Build of the Python Interpreter (version 2.6)

 Python interpreter configured with --pydebug. Dynamically loaded modules are
 searched in /usr/lib/python2.6/lib-dynload/debug first.

python2.6-dev: Header files and a static library for Python (v2.6)

 Header files, a static library and development tools for building
 Python (v2.6) modules, extending the Python interpreter or embedding
 Python (v2.6) in applications.
 Maintainers of Python packages should read README.maintainers.

python2.6-doc: Documentation for the high-level object-oriented language Python (v2.6)

 These is the official set of documentation for the interactive high-level
 object-oriented language Python (v2.6). All documents are provided
 in HTML format. The package consists of ten documents:
   * What's New in Python2.6
   * Tutorial
   * Python Library Reference
   * Macintosh Module Reference
   * Python Language Reference
   * Extending and Embedding Python
   * Python/C API Reference
   * Installing Python Modules
   * Documenting Python
   * Distributing Python Modules

python2.6-examples: Examples for the Python language (v2.6)

 Examples, Demos and Tools for Python (v2.6). These are files included in
 the upstream Python distribution (v2.6).

python2.6-minimal: A minimal subset of the Python language (version 2.6)

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.6-minimal/README.Debian for a list of the modules
 contained in this package.