-
python2.5 (2.5.2-11.1ubuntu1.1) intrepid-security; urgency=low
* SECURITY UPDATE: fix DoS via malformed XML
- debian/patches/CVE-2009-3720.dpatch: update Modules/expat/xmltok_impl.c
to not access beyond end of input string
- CVE-2009-3720
* SECURITY UPDATE: fix DoS via malformed UTF-8 sequences
- debian/patches/CVE-2009-3560.dpatch: update Modules/expat/xmlparse.c to
properly recognize the end of a token
- CVE-2009-3560
-- Jamie Strandboge <email address hidden> Wed, 20 Jan 2010 08:22:50 -0600
-
python2.5 (2.5.2-11.1ubuntu1) intrepid; urgency=low
* Update to 20081004, taken from the 2.5 release branch.
- debian/patches/CVE-2008-2316: Remove, applied upstream.
- debian/patches/CVE-2008-1679: Remove, applied upstream.
* idle: Add version information to menu entry. LP: #209507.
python2.5 (2.5.2-11.1) unstable; urgency=medium
* Non-maintainer upload.
* Expand copyright notice to cover licenses of linked against libraries.
Closes: #498477.
* Introduce new platform definitions for alpha, hppa, mips, mipsel, sparc.
Closes: #499132.
-- Matthias Klose <email address hidden> Sun, 05 Oct 2008 09:36:15 +0200
-
python2.5 (2.5.2-11ubuntu3) intrepid; urgency=low
* Remove really all instances of *_failed.so extensions. LP: #269918.
-- Matthias Klose <email address hidden> Sun, 14 Sep 2008 11:34:03 +0200
-
python2.5 (2.5.2-11ubuntu2) intrepid; urgency=low
* debian/rules: Don't include extensions in the package, which failed
to build and were renamed.
-- Matthias Klose <email address hidden> Sat, 13 Sep 2008 08:20:08 +0200
-
python2.5 (2.5.2-11ubuntu1) intrepid; urgency=low
* Update to 20080912, taken from the 2.5 release branch.
- debian/patches/subprocess-eintr-safety.dpatch: Update.
- debian/patches/CVE-2007-4965.dpatch: Remove, applied upstream.
- debian/patches/CVE-2008-2315.dpatch: Remove, applied upstream.
* Update locale.locale_aliases from current X11 locale.alias.
LP: #258635.
-- Matthias Klose <email address hidden> Fri, 12 Sep 2008 11:04:21 +0200
-
python2.5 (2.5.2-10ubuntu2) intrepid; urgency=low
* Apply proposed fix for CVE-2008-2316, integer overflow in _hashopenssl.c.
-- Matthias Klose <email address hidden> Wed, 06 Aug 2008 07:32:55 +0000
-
python2.5 (2.5.2-10ubuntu1) intrepid; urgency=low
* Merge with Debian; remaining changes:
- Include the pregenerated documentation.
- Set priority of python2.5-minimal to required.
- Build python2.5-doc from the pregenerated documentation.
python2.5 (2.5.2-10) unstable; urgency=medium
* Update to 20080731, taken from the 2.5 release branch, only change:
- Fix issue #2620, CVE-2008-3142, overflow checking when allocating or
reallocating memory was not always being done properly in some python
types and extension modules.
* Issues #2588, #2589, CVE-2008-3144, fixed in 2.5.2-7.
* Fix CVE-2008-2315, more overflow checking in extension modules.
python2.5 (2.5.2-9) unstable; urgency=low
* python2.5-minimal: Recommend python2.5 (suggested by Neil McGovern).
* Update to 20080726, taken from the 2.5 release branch.
- Fix issues #2242, #3360.
python2.5 (2.5.2-8) unstable; urgency=low
* Update to 20080712, taken from the 2.5 release branch.
- Fix issues #1792, #2906, #3088, #3110, #3116, #3117, #3157, #3243.
* Fix bashisms in Tools/faqwiz/move-faqwiz.sh. Closes: #489649.
* Fix issues with turkish locale. Closes: #489740.
-- Matthias Klose <email address hidden> Thu, 31 Jul 2008 17:46:11 +0200
-
python2.5 (2.5.2-7ubuntu2) intrepid; urgency=low
* Re-add build dependency on sharutils, lost in last merge.
-- Matthias Klose <email address hidden> Sat, 28 Jun 2008 16:24:40 +0200
-
python2.5 (2.5.2-7ubuntu1) intrepid; urgency=low
* Merge with Debian; remaining changes:
- Include the pregenerated documentation.
- Set priority of python2.5-minimal to required.
- Build python2.5-doc from the pregenerated documentation.
python2.5 (2.5.2-7) unstable; urgency=low
* Fix issue 2632, performance problem in socket._fileobject.read.
* Do not add /usr/lib/pythonXY.zip on sys.path.
* Fix some lintian warnings.
* Add debian/README.source.
* Build-depend on libgpm2.
python2.5 (2.5.2-6) unstable; urgency=medium
* Don't run the testsuite on hppa. Closes: #483042.
* Update to 20080528, taken from the 2.5 release branch.
- Fix issues #2111, #2158, #2707, #2803, #2858.
* Install the plistlib.py module in sys.path (as done on the trunk).
-- Matthias Klose <email address hidden> Wed, 25 Jun 2008 17:27:58 +0200
-
python2.5 (2.5.2-5ubuntu1) intrepid; urgency=low
* Merge with Debian; no new changes.
python2.5 (2.5.2-5) unstable; urgency=low
* Backport new function signal.set_wakeup_fd from the trunk.
Background: http://bugzilla.gnome.org/show_bug.cgi?id=481569
-- Matthias Klose <email address hidden> Thu, 15 May 2008 15:48:30 +0000
-
python2.5 (2.5.2-4ubuntu1) intrepid; urgency=low
* Merge with Debian; remaining changes:
- Include the pregenerated documentation.
- Set priority of python2.5-minimal to required.
- Build python2.5-doc from the pregenerated documentation.
python2.5 (2.5.2-4) unstable; urgency=low
* Update to 20080427, taken from the 2.5 release branch.
- Fix issues #2670, #2682.
* Disable running pybench on the hppa buildd (ftbfs).
* Allow setting BASECFLAGS, OPT and EXTRA_LDFLAGS (like, CC, CXX, CPP,
CFLAGS, CPPFLAGS, CCSHARED, LDSHARED) from the environment.
* Support parallel=<n> in DEB_BUILD_OPTIONS (see #209008).
python2.5 (2.5.2-3) unstable; urgency=medium
* Update to 20080416, taken from the 2.5 release branch.
- Fix CVE-2008-1721, integer signedness error in the zlib extension module.
- Fix urllib2 file descriptor happens byte-at-a-time, reverting
a fix for excessively large memory allocations when calling .read()
on a socket object wrapped with makefile().
* Disable some regression tests on some architectures:
- arm: test_compiler, test_ctypes.
- armel: test_compiler.
- hppa: test_fork1, test_wait3.
- m68k: test_bsddb3, test_compiler.
* Build-depend on libffi-dev instead of libffi4-dev.
* Fix CVE-2008-1679, integer overflows in the imageop module.
-- Matthias Klose <email address hidden> Wed, 30 Apr 2008 14:21:02 +0200
-
python2.5 (2.5.2-2ubuntu4) hardy; urgency=low
* Fix CVE-2008-1679, integer overflows in the imageop module.
* Fix CVE-2008-1721, integer signedness error in the zlib extension module.
* Fix issue 2587, PyString_FromStringAndSize() to be considered unsafe.
* Fixes for issues (taken from the 2.5 branch):
- Issue 2321: Reduce memory usage (increase the memory that is returned
to the system) by using pymalloc for the data of unicode objects.
- Issue 2515: _sqlite: Don't crash when trying to fetch data from a
closed cursor.
- Issue 2482: Make sure that the coefficient of a Decimal instance
is stored as a str instance rather than a unicode instance.
Regression compared to 2.5.1.
-- Matthias Klose <email address hidden> Wed, 16 Apr 2008 22:45:12 +0200
