python2.7 2.7.3-0ubuntu3.9 source package in Ubuntu

Changelog

python2.7 (2.7.3-0ubuntu3.9) precise-security; urgency=medium

  * SECURITY UPDATE: StartTLS stripping attack
    - debian/patches/CVE-2016-0772.patch: raise an error when
      STARTTLS fails in Lib/smtplib.py.
    - CVE-2016-0772
  * SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
    scripts (aka HTTPOXY attack)
    - debian/patches/CVE-2016-1000110-pre.patch: prefer lower_case
      proxy environment variables over UPPER_CASE or Mixed_Case ones.
    - debian/patches/CVE-2016-1000110.patch: if running as CGI
      script, forget HTTP_PROXY in Lib/urllib.py, add test to
      Lib/test/test_urllib.py, add documentation.
    - CVE-2016-1000110
  * SECURITY UPDATE: Integer overflow when handling zipfiles
    - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
      Modules/zipimport.c
    - debian/patches/CVE-2016-5636.patch: check for too large value in
      Modules/zipimport.c
    - CVE-2016-5636
  * SECURITY UPDATE: CRLF injection vulnerability in the
    HTTPConnection.putheader
    - debian/patches/CVE-2016-5699.patch: disallow newlines in
      putheader() arguments when not followed by spaces or tabs in
      Lib/httplib.py, add tests in Lib/test/test_httplib.py
    - CVE-2016-5699

 -- Steve Beattie <email address hidden>  Tue, 25 Oct 2016 15:38:47 -0700

Upload details

Uploaded by:
Steve Beattie on 2016-10-26
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2016-11-22 main python
Precise security on 2016-11-22 main python

Downloads

File Size SHA-256 Checksum
python2.7_2.7.3.orig.tar.gz 13.6 MiB 68bddd390a22ce9a9946ad711fc0042c831889be1f8ff79c0945f7a973e05bda
python2.7_2.7.3-0ubuntu3.9.diff.gz 272.8 KiB 5c2ab358ecebb2da3df3d6e3ad256898a818eea4b3d3f4443e0848e5231aebd9
python2.7_2.7.3-0ubuntu3.9.dsc 2.7 KiB 5998a90d7e4643ae51f832b8616eece82d053d5e41c2617228e28d230eeb061f

View changes file

Binary packages built by this source

idle-python2.7: IDE for Python (v2.7) using Tkinter

 IDLE is an Integrated Development Environment for Python (v2.7).
 IDLE is written using Tkinter and therefore quite platform-independent.

libpython2.7: Shared Python runtime library (version 2.7)

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

libpython2.7-dbgsym: debug symbols for package libpython2.7

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

python2.7: Interactive high-level object-oriented language (version 2.7)

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.7-dbg: Debug Build of the Python Interpreter (version 2.7)

 Python interpreter configured with --pydebug. Dynamically loaded modules are
 searched in /usr/lib/python2.7/lib-dynload/debug first.

python2.7-dbgsym: debug symbols for package python2.7

 Version 2.7 of the high-level, interactive object oriented language,
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.7-dev: Header files and a static library for Python (v2.7)

 Header files, a static library and development tools for building
 Python (v2.7) modules, extending the Python interpreter or embedding
 Python (v2.7) in applications.
 .
 Maintainers of Python packages should read README.maintainers.

python2.7-doc: Documentation for the high-level object-oriented language Python (v2.7)

 These is the official set of documentation for the interactive high-level
 object-oriented language Python (v2.7). All documents are provided
 in HTML format. The package consists of ten documents:
 .
   * What's New in Python2.7
   * Tutorial
   * Python Library Reference
   * Macintosh Module Reference
   * Python Language Reference
   * Extending and Embedding Python
   * Python/C API Reference
   * Installing Python Modules
   * Documenting Python
   * Distributing Python Modules

python2.7-examples: Examples for the Python language (v2.7)

 Examples, Demos and Tools for Python (v2.7). These are files included in
 the upstream Python distribution (v2.7).

python2.7-minimal: Minimal subset of the Python language (version 2.7)

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.7-minimal/README.Debian for a list of the modules
 contained in this package.

python2.7-minimal-dbgsym: debug symbols for package python2.7-minimal

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.7-minimal/README.Debian for a list of the modules
 contained in this package.