python2.7 2.7.6-8ubuntu0.5 source package in Ubuntu

Changelog

python2.7 (2.7.6-8ubuntu0.5) trusty-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow via race condition
    - debian/patches/CVE-2018-1000030-1.patch: stop crashes when iterating
      over a file on multiple threads in Lib/test/test_file2k.py,
      Objects/fileobject.c.
    - debian/patches/CVE-2018-1000030-2.patch: fix crash when multiple
      threads iterate over a file in Lib/test/test_file2k.py,
      Objects/fileobject.c.
    - CVE-2018-1000030
  * SECURITY UPDATE: command injection in shutil module
    - debian/patches/CVE-2018-1000802.patch: use subprocess rather than
      distutils.spawn in Lib/shutil.py.
    - CVE-2018-1000802
  * SECURITY UPDATE: DoS via catastrophic backtracking
    - debian/patches/CVE-2018-106x.patch: fix expressions in
      Lib/difflib.py, Lib/poplib.py. Added tests to
      Lib/test/test_difflib.py, Lib/test/test_poplib.py.
    - CVE-2018-1060
    - CVE-2018-1061
  * SECURITY UPDATE: incorrect Expat hash salt initialization
    - debian/patches/CVE-2018-14647.patch: call SetHashSalt in
      Include/pyexpat.h, Modules/_elementtree.c, Modules/pyexpat.c.
    - CVE-2018-14647

 -- Marc Deslauriers <email address hidden>  Mon, 12 Nov 2018 11:49:11 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2018-11-12
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Trusty updates on 2018-11-13 main python
Trusty security on 2018-11-13 main python

Downloads

File Size SHA-256 Checksum
python2.7_2.7.6.orig.tar.gz 14.1 MiB b6eeafea7ffaa8c25e2169ba5f5f66bedfa504a51cf62ae7df58a424c3f3fc02
python2.7_2.7.6-8ubuntu0.5.diff.gz 628.2 KiB 3621ba408e8a6052ba7f31d74af64b2be44bcba6db03fa87af2baf7edc268824
python2.7_2.7.6-8ubuntu0.5.dsc 3.2 KiB 46dd65031c2029e34e72592fecd445e555bae789bbf82418eaf2f9e214f35397

View changes file

Binary packages built by this source

idle-python2.7: IDE for Python (v2.7) using Tkinter

 IDLE is an Integrated Development Environment for Python (v2.7).
 IDLE is written using Tkinter and therefore quite platform-independent.

libpython2.7: Shared Python runtime library (version 2.7)

 Python is a high-level, interactive, object-oriented language. Its 2.7 version
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

libpython2.7-dbg: Debug Build of the Python Interpreter (version 2.7)

 The package holds two things:
 .
 - Extensions for a Python interpreter configured with --pydebug.
 - Debug information for standard python extensions.
 .
 See the README.debug for more information.

libpython2.7-dbgsym: debug symbols for package libpython2.7

 Python is a high-level, interactive, object-oriented language. Its 2.7 version
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains the shared runtime library, normally not needed
 for programs using the statically linked interpreter.

libpython2.7-dev: Header files and a static library for Python (v2.7)

 Header files, a static library and development tools for building
 Python (v2.7) modules, extending the Python interpreter or embedding
 Python (v2.7) in applications.
 .
 Maintainers of Python packages should read README.maintainers.
 .
 This package contains development files. It is normally not
 used on it's own, but as a dependency of python2.7-dev.

libpython2.7-dev-dbgsym: debug symbols for package libpython2.7-dev

 Header files, a static library and development tools for building
 Python (v2.7) modules, extending the Python interpreter or embedding
 Python (v2.7) in applications.
 .
 Maintainers of Python packages should read README.maintainers.
 .
 This package contains development files. It is normally not
 used on it's own, but as a dependency of python2.7-dev.

libpython2.7-minimal: Minimal subset of the Python language (version 2.7)

 This package contains some essential modules. It is normally not
 used on it's own, but as a dependency of python2.7-minimal.

libpython2.7-minimal-dbgsym: debug symbols for package libpython2.7-minimal

 This package contains some essential modules. It is normally not
 used on it's own, but as a dependency of python2.7-minimal.

libpython2.7-stdlib: Interactive high-level object-oriented language (standard library, version 2.7)

 Python is a high-level, interactive, object-oriented language. Its 2.7 version
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains Python 2.7's standard library. It is normally not
 used on its own, but as a dependency of python2.7.

libpython2.7-stdlib-dbgsym: debug symbols for package libpython2.7-stdlib

 Python is a high-level, interactive, object-oriented language. Its 2.7 version
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.
 .
 This package contains Python 2.7's standard library. It is normally not
 used on its own, but as a dependency of python2.7.

libpython2.7-testsuite: Testsuite for the Python standard library (v2.7)

 The complete testsuite for the Python standard library. Note that
 a subset is found in the libpython2.7-stdlib package, which should
 be enough for other packages to use (please do not build-depend
 on this package, but file a bug report to include additional
 testsuite files in the libpython2.7-stdlib package).

python2.7: Interactive high-level object-oriented language (version 2.7)

 Python is a high-level, interactive, object-oriented language. Its 2.7 version
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.7-dbg: Debug Build of the Python Interpreter (version 2.7)

 The package holds two things:
 .
 - A Python interpreter configured with --pydebug. Dynamically loaded modules
   are searched as <foo>_d.so first. Third party extensions need a separate
   build to be used by this interpreter.
 - Debug information for standard python interpreter and extensions.
 .
 See the README.debug for more information.

python2.7-dbgsym: debug symbols for package python2.7

 Python is a high-level, interactive, object-oriented language. Its 2.7 version
 includes an extensive class library with lots of goodies for
 network programming, system administration, sounds and graphics.

python2.7-dev: Header files and a static library for Python (v2.7)

 Header files, a static library and development tools for building
 Python (v2.7) modules, extending the Python interpreter or embedding
 Python (v2.7) in applications.
 .
 Maintainers of Python packages should read README.maintainers.

python2.7-dev-dbgsym: debug symbols for package python2.7-dev

 Header files, a static library and development tools for building
 Python (v2.7) modules, extending the Python interpreter or embedding
 Python (v2.7) in applications.
 .
 Maintainers of Python packages should read README.maintainers.

python2.7-doc: Documentation for the high-level object-oriented language Python (v2.7)

 These is the official set of documentation for the interactive high-level
 object-oriented language Python (v2.7). All documents are provided
 in HTML format. The package consists of ten documents:
 .
   * What's New in Python2.7
   * Tutorial
   * Python Library Reference
   * Macintosh Module Reference
   * Python Language Reference
   * Extending and Embedding Python
   * Python/C API Reference
   * Installing Python Modules
   * Documenting Python
   * Distributing Python Modules

python2.7-examples: Examples for the Python language (v2.7)

 Examples, Demos and Tools for Python (v2.7). These are files included in
 the upstream Python distribution (v2.7).

python2.7-minimal: Minimal subset of the Python language (version 2.7)

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.7-minimal/README.Debian for a list of the modules
 contained in this package.

python2.7-minimal-dbgsym: debug symbols for package python2.7-minimal

 This package contains the interpreter and some essential modules. It can
 be used in the boot process for some basic tasks.
 See /usr/share/doc/python2.7-minimal/README.Debian for a list of the modules
 contained in this package.