python2.7 2.7.3-0ubuntu3.8 source package in Ubuntu

Changelog

python2.7 (2.7.3-0ubuntu3.8) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service in multiple servers
    - debian/patches/CVE-2013-1752-ftplib.patch: limit amount of data read
      in Lib/ftplib.py, added test to Lib/test/test_ftplib.py.
    - debian/patches/CVE-2013-1752-httplib-1.patch: limit long lines in
      Lib/httplib.py.
    - debian/patches/CVE-2013-1752-httplib-2.patch: limit amount of headers
      in Lib/httplib.py, added test to Lib/test/test_httplib.py.
    - debian/patches/CVE-2013-1752-imaplib-1.patch: limit line length in
      Lib/imaplib.py, added test to Lib/test/test_imaplib.py.
    - debian/patches/CVE-2013-1752-imaplib-2.patch: disable broken test in
      Lib/test/test_imaplib.py.
    - debian/patches/CVE-2013-1752-nntplib.patch: limit line length in
      Lib/nntplib.py, added test to Lib/test/test_nntplib.py.
    - debian/patches/CVE-2013-1752-poplib.patch: limit maximum line length
      in Lib/poplib.py, added test to Lib/test/test_poplib.py.
    - debian/patches/CVE-2013-1752-smtplib.patch: limit amount read from
      the network in Lib/smtplib.py, added test to
      Lib/test/test_smtplib.py.
    - CVE-2013-1752
  * SECURITY UPDATE: denial of service via xmlrpc gzip-compressed
    HTTP bodies
    - debian/patches/CVE-2013-1753.patch: add default limit in
      Lib/xmlrpclib.py, added test to Lib/test/test_xmlrpc.py.
    - CVE-2013-1753
  * SECURITY UPDATE: arbitrary memory read via idx argument
    - debian/patches/CVE-2014-4616.patch: reject negative idx values in
      Modules/_json.c, added test to Lib/json/tests/test_decode.py.
    - CVE-2014-4616
  * SECURITY UPDATE: code execution or file disclosure via CGIHTTPServer
    - debian/patches/CVE-2014-4650.patch: url unquote path in
      Lib/CGIHTTPServer.py, added test to Lib/test/test_httpservers.py.
    - CVE-2014-4650
  * SECURITY UPDATE: information disclosure via buffer function
    - debian/patches/CVE-2014-7185.patch: avoid overflow in
      Objects/bufferobject.c, added test to Lib/test/test_buffer.py.
    - CVE-2014-7185

 -- Marc Deslauriers <email address hidden>  Mon, 22 Jun 2015 10:55:41 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2015-06-22
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
python2.7_2.7.3.orig.tar.gz 13.6 MiB 68bddd390a22ce9a9946ad711fc0042c831889be1f8ff79c0945f7a973e05bda
python2.7_2.7.3-0ubuntu3.8.diff.gz 265.0 KiB 67110ef9c105788ce9eebb8f349f83c65ac5e43c0be2cfc44083457b64de26db
python2.7_2.7.3-0ubuntu3.8.dsc 2.7 KiB 177eaf60e9423b768f02af4f692f55e48a3ac1afeb288f1b65991e871f65920a

View changes file

Binary packages built by this source

idle-python2.7: IDE for Python (v2.7) using Tkinter

 IDLE is an Integrated Development Environment for Python (v2.7).
 IDLE is written using Tkinter and therefore quite platform-independent.

libpython2.7: Shared Python runtime library (version 2.7)

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

libpython2.7-dbgsym: debug symbols for package libpython2.7

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

python2.7: Interactive high-level object-oriented language (version 2.7)

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.7-dbg: Debug Build of the Python Interpreter (version 2.7)

 Python interpreter configured with --pydebug. Dynamically loaded modules are
 searched in /usr/lib/python2.7/lib-dynload/debug first.

python2.7-dbgsym: debug symbols for package python2.7

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.7-dev: Header files and a static library for Python (v2.7)

 Header files, a static library and development tools for building
 Python (v2.7) modules, extending the Python interpreter or embedding
 Python (v2.7) in applications.
 .
 Maintainers of Python packages should read README.maintainers.

python2.7-doc: Documentation for the high-level object-oriented language Python (v2.7)

 These is the official set of documentation for the interactive high-level
 object-oriented language Python (v2.7). All documents are provided
 in HTML format. The package consists of ten documents:
 .
   * What's New in Python2.7
   * Tutorial
   * Python Library Reference
   * Macintosh Module Reference
   * Python Language Reference
   * Extending and Embedding Python
   * Python/C API Reference
   * Installing Python Modules
   * Documenting Python
   * Distributing Python Modules

python2.7-examples: Examples for the Python language (v2.7)

 Examples, Demos and Tools for Python (v2.7). These are files included in
 the upstream Python distribution (v2.7).

python2.7-minimal: Minimal subset of the Python language (version 2.7)

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.7-minimal/README.Debian for a list of the modules
 contained in this package.

python2.7-minimal-dbgsym: debug symbols for package python2.7-minimal

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.7-minimal/README.Debian for a list of the modules
 contained in this package.