python2.7 2.7.18-1~20.04.7 source package in Ubuntu
Changelog
python2.7 (2.7.18-1~20.04.7) focal-security; urgency=medium
* SECURITY UPDATE: User-after-free
- debian/patches/CVE-2022-48560.patch: Fix posible crash in heapq with
custom comparison operators in Modules/_heapqmodule.c,
Lib/test/test_heapq.py.
- CVE-2022-48560
* SECURITY UPDATE: xml external entity processing
- debian/patches/CVE-2022-48565.patch: rejects XML entity declarations in
plist files.
- CVE-2022-48565
* SECURITY UPDATE: breaking of constant-time guarantee for crypto operations
- debian/patches/CVE-2022-48566.patch: adds ``volatile`` to the accumulator
variable result in ``hmac.compare_digest``, making
constant-time-defeating optimizations less likely.
- CVE-2022-48566
* SECURITY UPDATE: Possible Bypass Blocklisting
- debian/patches/CVE-2023-24329.patch: enforce
that a scheme must begin with an alphabetical ASCII character
in Lib/urlparse.py, Lib/test/test_urlparse.py.
- debian/patches/CVE-2023-24329-2.patch: adds a complementary patch/fix
for CVE-2023-24329 that was partially fixed before. This patch starts
stripping C0 control and space chars in 'urlsplit' in Lib/urlparse.py,
Lib/test/test_urlparse.py.
- CVE-2023-24329
* SECURITY UPDATE: TLS handshake bypass
- debian/patches/CVE-2023-40217.diff: avoid ssl pre-close flaw in ssl.py.
- CVE-2023-40217
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 09 Dec 2024 16:35:20 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Focal
- Original maintainer:
- Matthias Klose
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | universe | python | |
| Focal | security | universe | python |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python2.7_2.7.18.orig.tar.gz | 16.7 MiB | da3080e3b488f648a3d7a4560ddee895284c3380b11d6de75edb986526b9a814 |
| python2.7_2.7.18-1~20.04.7.diff.gz | 305.6 KiB | 3dbd4633a01ebb9b07e3e9650903dfa1b4a73a506202b836a31c9a585e0f8cd5 |
| python2.7_2.7.18-1~20.04.7.dsc | 3.2 KiB | 376ebb41da17d0ea4d446f0b200c00b1dd7fc30c1e560e649b0a05f799c0e065 |
Available diffs
Binary packages built by this source
- idle-python2.7: IDE for Python (v2.7) using Tkinter
IDLE is an Integrated Development Environment for Python (v2.7).
IDLE is written using Tkinter and therefore quite platform-independent.
- libpython2.7: Shared Python runtime library (version 2.7)
Python is a high-level, interactive, object-oriented language. Its 2.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains the shared runtime library, normally not needed
for programs using the statically linked interpreter.
- libpython2.7-dbg: Debug Build of the Python Interpreter (version 2.7)
The package holds two things:
.
- Extensions for a Python interpreter configured with --pydebug.
- Debug information for standard python extensions.
.
See the README.debug for more information.
- libpython2.7-dev: Header files and a static library for Python (v2.7)
Header files, a static library and development tools for building
Python (v2.7) modules, extending the Python interpreter or embedding
Python (v2.7) in applications.
.
Maintainers of Python packages should read README.maintainers.
.
This package contains development files. It is normally not
used on it's own, but as a dependency of python2.7-dev.
- libpython2.7-minimal: Minimal subset of the Python language (version 2.7)
This package contains some essential modules. It is normally not
used on it's own, but as a dependency of python2.7-minimal.
- libpython2.7-stdlib: Interactive high-level object-oriented language (standard library, version 2.7)
Python is a high-level, interactive, object-oriented language. Its 2.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains Python 2.7's standard library. It is normally not
used on its own, but as a dependency of python2.7.
- libpython2.7-testsuite: Testsuite for the Python standard library (v2.7)
The complete testsuite for the Python standard library. Note that
a subset is found in the libpython2.7-stdlib package, which should
be enough for other packages to use (please do not build-depend
on this package, but file a bug report to include additional
testsuite files in the libpython2.7-stdlib package).
- python2.7: Interactive high-level object-oriented language (version 2.7)
Python is a high-level, interactive, object-oriented language. Its 2.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
- python2.7-dbg: Debug Build of the Python Interpreter (version 2.7)
The package holds two things:
.
- A Python interpreter configured with --pydebug. Dynamically loaded modules
are searched as <foo>_d.so first. Third party extensions need a separate
build to be used by this interpreter.
- Debug information for standard python interpreter and extensions.
.
See the README.debug for more information.
- python2.7-dev: Header files and a static library for Python (v2.7)
Header files, a static library and development tools for building
Python (v2.7) modules, extending the Python interpreter or embedding
Python (v2.7) in applications.
.
Maintainers of Python packages should read README.maintainers.
- python2.7-doc: Documentation for the high-level object-oriented language Python (v2.7)
These is the official set of documentation for the interactive high-level
object-oriented language Python (v2.7). All documents are provided
in HTML format. The package consists of ten documents:
.
* What's New in Python2.7
* Tutorial
* Python Library Reference
* Macintosh Module Reference
* Python Language Reference
* Extending and Embedding Python
* Python/C API Reference
* Installing Python Modules
* Documenting Python
* Distributing Python Modules
- python2.7-examples: Examples for the Python language (v2.7)
Examples, Demos and Tools for Python (v2.7). These are files included in
the upstream Python distribution (v2.7).
- python2.7-minimal: Minimal subset of the Python language (version 2.7)
This package contains the interpreter and some essential modules. It can
be used in the boot process for some basic tasks.
See /usr/share/doc/python2. 7-minimal/ README. Debian for a list of the modules
contained in this package.
