Format: 1.8 Date: Thu, 22 Aug 2019 12:36:40 -0400 Source: python2.7 Binary: python2.7 libpython2.7-stdlib python2.7-minimal libpython2.7-minimal libpython2.7 python2.7-examples python2.7-dev libpython2.7-dev libpython2.7-testsuite idle-python2.7 python2.7-doc python2.7-dbg libpython2.7-dbg Architecture: powerpc Version: 2.7.12-1ubuntu0~16.04.8 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: idle-python2.7 - IDE for Python (v2.7) using Tkinter libpython2.7 - Shared Python runtime library (version 2.7) libpython2.7-dbg - Debug Build of the Python Interpreter (version 2.7) libpython2.7-dev - Header files and a static library for Python (v2.7) libpython2.7-minimal - Minimal subset of the Python language (version 2.7) libpython2.7-stdlib - Interactive high-level object-oriented language (standard library libpython2.7-testsuite - Testsuite for the Python standard library (v2.7) python2.7 - Interactive high-level object-oriented language (version 2.7) python2.7-dbg - Debug Build of the Python Interpreter (version 2.7) python2.7-dev - Header files and a static library for Python (v2.7) python2.7-doc - Documentation for the high-level object-oriented language Python python2.7-examples - Examples for the Python language (v2.7) python2.7-minimal - Minimal subset of the Python language (version 2.7) Launchpad-Bugs-Fixed: 1835135 Changes: python2.7 (2.7.12-1ubuntu0~16.04.8) xenial-security; urgency=medium . * SECURITY UPDATE: incorrect cookie domain check - debian/patches/CVE-2018-20852.patch: prefix dot in domain for proper subdomain validation in Lib/cookielib.py, Lib/test/test_cookielib.py. - CVE-2018-20852 * SECURITY UPDATE: NULL pointer dereference via X509 certificate - debian/patches/CVE-2019-5010.patch: fix segfault in ssl cert parser in Lib/test/talos-2019-0758.pem, Lib/test/test_ssl.py, Modules/_ssl.c. - CVE-2019-5010 * SECURITY UPDATE: improper handling of unicode encoding - debian/patches/CVE-2019-9636-1.patch: add check for characters in netloc that normalize to separators in Doc/library/urlparse.rst, Lib/test/test_urlparse.py, Lib/urlparse.py. - debian/patches/CVE-2019-9636-2.patch: only print test messages when verbose in Lib/test/test_urlparse.py. - CVE-2019-9636 * SECURITY UPDATE: HTTP header injection - debian/patches/bpo30500.patch: simplify splithost by calling into urlparse in Lib/test/test_urllib.py, Lib/urllib.py. - debian/patches/CVE-2019-9740.patch: disallow control chars in http URLs in Lib/httplib.py, Lib/test/test_urllib.py, Lib/test/test_urllib2.py, Lib/test/test_xmlrpc.py. - CVE-2019-9740 - CVE-2019-9947 * SECURITY UPDATE: urllib support the local_file: scheme - debian/patches/CVE-2019-9948.patch: disallow file reading in Lib/urllib.py, Lib/test/test_urllib.py. - CVE-2019-9948 * SECURITY UPDATE: incomplete fix for CVE-2019-9636 - debian/patches/CVE-2019-10160-1.patch: fix handling of pre-normalization characters in urlsplit() in Lib/test/test_urlparse.py, Lib/urlparse.py. - debian/patches/CVE-2019-10160-2.patch: correct fix to handle decomposition in usernames in Lib/test/test_urlparse.py, Lib/urlparse.py. - debian/patches/CVE-2019-10160-3.patch: fix urlparse.urlsplit() error message for Unicode URL in Lib/test/test_urlparse.py, Lib/urlparse.py. - CVE-2019-10160 * debian/patches/issue9146.diff: fix FIPS mode environments where MD5 isn't available in Modules/_hashopenssl.c. (LP: #1835135) Checksums-Sha1: 6c9148251fc83c031a0a7121685afae9687bf234 3750670 libpython2.7-dbg_2.7.12-1ubuntu0~16.04.8_powerpc.deb 92860ba6d5d64562f3a46eef35e26ccb9336048a 988 libpython2.7-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb b4517894e5ce396378a9186a58f3e21de31e25cd 976 libpython2.7-dev-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 7db48b28018850a039842632ddd6e8e99c5bee5a 27304260 libpython2.7-dev_2.7.12-1ubuntu0~16.04.8_powerpc.deb a73e6ddda54ce9ae2b52f513148a1efd8b4ba20c 870 libpython2.7-minimal-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 2412c26d2d6359193d328126bf98b109beaceda7 338382 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.8_powerpc.deb 6bf58a602e4f7d2c88357163b8bbd22b31150da6 992 libpython2.7-stdlib-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 186e515dbb2f442cbe9fd07244eb9669f1ae9b36 1870924 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.8_powerpc.deb ec76f4f1dfb858d0b8164c5f1597f1f893181b99 904832 libpython2.7_2.7.12-1ubuntu0~16.04.8_powerpc.deb 6341ba28f5757ec565e2670b3110aae97a30e594 7803074 python2.7-dbg_2.7.12-1ubuntu0~16.04.8_powerpc.deb 536d9c36c14fa22ac57d0c8b66f7ba733e373074 276184 python2.7-dev_2.7.12-1ubuntu0~16.04.8_powerpc.deb 03c478de503379b76f9a77f05897f608bb4dda8b 1236442 python2.7-minimal_2.7.12-1ubuntu0~16.04.8_powerpc.deb c899f559b17ce218c47735354b9768a53a5f4c1a 224748 python2.7_2.7.12-1ubuntu0~16.04.8_powerpc.deb Checksums-Sha256: 6e7abeaad45c7c88d1437974ba4b9b58e8315dc7c6f02f4c9a08f0f2013c7736 3750670 libpython2.7-dbg_2.7.12-1ubuntu0~16.04.8_powerpc.deb 63ab9b92c8fb0304a2548d470e8dbd607afae44f184253182a6a40c1a9900776 988 libpython2.7-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 2e85cd89eda6ffc64184441487f91cc45b5773d9407fcf0111b99f127a81f0ab 976 libpython2.7-dev-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb e77c4173ddad17515afa39c85c9192ea49b75dbd31439076ebedc624cd47834b 27304260 libpython2.7-dev_2.7.12-1ubuntu0~16.04.8_powerpc.deb 92dcc8f14dde277a474f8dd69e881cf9dbf9b7fee7ea73c83515da57b335ce49 870 libpython2.7-minimal-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 2e7bf2230fef4507fd2a311d853f647ccb1dc29e25c0f506c0bcf58077d54201 338382 libpython2.7-minimal_2.7.12-1ubuntu0~16.04.8_powerpc.deb 2108db4fcbe9bbb3a601b7adda9150d4fdb908a98a2ad80769af2acbc9ef0407 992 libpython2.7-stdlib-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 542a01a2e66b9463f8ada23d0c0747a49ac854b41c964d62bed524f93d8dcf19 1870924 libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.8_powerpc.deb 6c13321267b0817b7b88c9af90ed4e620dbc82eeac78d829d1b31d71fb393d3a 904832 libpython2.7_2.7.12-1ubuntu0~16.04.8_powerpc.deb 12bc749f3bcc6a45f866067f7ee826f64e50208b8abe73e8d81f567f9f39b03c 7803074 python2.7-dbg_2.7.12-1ubuntu0~16.04.8_powerpc.deb 0112079a61350fd1c37bf148083a495ad5d48af90289217dfc49e089fa7d2c79 276184 python2.7-dev_2.7.12-1ubuntu0~16.04.8_powerpc.deb 576216d6da2cd21d58d8523b460e7c9d31061900eb921f49d465d62ab06bc5ff 1236442 python2.7-minimal_2.7.12-1ubuntu0~16.04.8_powerpc.deb 831d60c82288ad7dc3705b88a30f6614022f2f78fc454f50314aab04d4013671 224748 python2.7_2.7.12-1ubuntu0~16.04.8_powerpc.deb Files: 6dd0e066d16c29e3feaef627e464febc 3750670 debug extra libpython2.7-dbg_2.7.12-1ubuntu0~16.04.8_powerpc.deb 2a3232bb7ae2a72d2a9660486a1f480d 988 libs extra libpython2.7-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 21dd2dd5fcb9b373d47eb734c5e37efa 976 libdevel extra libpython2.7-dev-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb f5208b944b0305a12da7784a80f5d400 27304260 libdevel optional libpython2.7-dev_2.7.12-1ubuntu0~16.04.8_powerpc.deb 686b023f1e625236b267f0864c16f91c 870 python extra libpython2.7-minimal-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb 1c37e26601966d99786c6201a854461c 338382 python standard libpython2.7-minimal_2.7.12-1ubuntu0~16.04.8_powerpc.deb 6ff7e37eb8a145a7858f9f0449db5a7d 992 python extra libpython2.7-stdlib-dbgsym_2.7.12-1ubuntu0~16.04.8_powerpc.ddeb a9551126d65918daa3b37bad8cdb2607 1870924 python standard libpython2.7-stdlib_2.7.12-1ubuntu0~16.04.8_powerpc.deb 509bb561108424ec345720d5d288761d 904832 libs standard libpython2.7_2.7.12-1ubuntu0~16.04.8_powerpc.deb 12014129a9fb082b638a93b69b0cc437 7803074 debug extra python2.7-dbg_2.7.12-1ubuntu0~16.04.8_powerpc.deb e1153e4fcbcab487cc7921cbf34d693b 276184 python optional python2.7-dev_2.7.12-1ubuntu0~16.04.8_powerpc.deb d6d5767d39c9ec552aec072bd0176b99 1236442 python standard python2.7-minimal_2.7.12-1ubuntu0~16.04.8_powerpc.deb 220bd9af497aea448b44ffd91a9486ba 224748 python standard python2.7_2.7.12-1ubuntu0~16.04.8_powerpc.deb Original-Maintainer: Matthias Klose