[ubuntu/cosmic-proposed] python2.7 2.7.16-2~18.10 (Accepted)

Matthias Klose doko at ubuntu.com
Thu Apr 11 20:08:11 UTC 2019 

python2.7 (2.7.16-2~18.10) cosmic-proposed; urgency=medium

  * SRU: LP: #1822993.

python2.7 (2.7.16-2) unstable; urgency=high

  [ Matthias Klose ]
  * CVE-2019-9636. Fix issue #36216: Add check for characters in netloc that
    normalize to separators. Closes: #924073.
  * CVE-2019-9948. Fix issue #35907: Stop urllib exposing the local_file schema
    (file://).

  [ Dimitri John Ledkov ]
  * Bump Build-Depedency and Dependency of libssl-dev and libss1.1 to
    1.1.1 or higher. As TLS1.3 constants leak into ssl module, thus one
    shouldn't mix and match python2.7 & libssl1.1. LP: #1808476

python2.7 (2.7.16-1) unstable; urgency=medium

  * Python 2.7.16 release.
    - Now has a version without a trailing '+'. Closes: #914072.

python2.7 (2.7.16~rc1-1) unstable; urgency=medium

  * Python 2.7.16 release candidate 1.

python2.7 (2.7.15-9) unstable; urgency=medium

  * Update to 20190216 from the 2.7 branch.
    - Backport of TLS 1.3 related fixes from 3.7.
  * Drop the local TLS 1.3 backports.

python2.7 (2.7.15-8) unstable; urgency=medium

  * Fix typo in autopkg test.

python2.7 (2.7.15-7) unstable; urgency=medium

  * Expect the test_site test failing as in 3.7.

python2.7 (2.7.15-6) unstable; urgency=medium

  * Update to 20190201 from the 2.7 branch.
    - CVE-2013-1752: Limit imaplib.IMAP4_SSL.readline().
    - CVE-2018-14647: _elementtree.c doesn't call XML_SetHashSalt().
      Closes: #921039.
    - CVE-2019-5010: DsO vulnerability exists in the X509 certificate parser.
      Closes: #921040.
  * Bump standards version.
  * Update symbols file.

python2.7 (2.7.15-5) unstable; urgency=medium

  * Update to 20181127 from the 2.7 branch.
    - Fix issue #20744, running an external 'zip' in shutil.make_archive().
      CVE-2018-1000802. Closes: #909673.
  * Cherrypick in-progress backports to 2.7 branch from 3.6 branch to fix
    test_ssl assertions with openssl 1.1.1. Resolves autopkgtest failure
    of the 2.7 with openssl 1.1.1 (Dimitri John Ledkov).
  * Don't hard code location of netinet/in.h. Closes: #912422.
  * Update VCS attributes.

Date: Tue, 09 Apr 2019 06:50:39 +0200
Changed-By: Matthias Klose <doko at ubuntu.com>
Maintainer: Matthias Klose <doko at debian.org>
https://launchpad.net/ubuntu/+source/python2.7/2.7.16-2~18.10
-------------- next part --------------
Format: 1.8
Date: Tue, 09 Apr 2019 06:50:39 +0200
Source: python2.7
Binary: python2.7 libpython2.7-stdlib python2.7-minimal libpython2.7-minimal libpython2.7 python2.7-examples python2.7-dev libpython2.7-dev libpython2.7-testsuite idle-python2.7 python2.7-doc python2.7-dbg libpython2.7-dbg
Architecture: source
Version: 2.7.16-2~18.10
Distribution: cosmic-proposed
Urgency: high
Maintainer: Matthias Klose <doko at debian.org>
Changed-By: Matthias Klose <doko at ubuntu.com>
Description:
 idle-python2.7 - IDE for Python (v2.7) using Tkinter
 libpython2.7 - Shared Python runtime library (version 2.7)
 libpython2.7-dbg - Debug Build of the Python Interpreter (version 2.7)
 libpython2.7-dev - Header files and a static library for Python (v2.7)
 libpython2.7-minimal - Minimal subset of the Python language (version 2.7)
 libpython2.7-stdlib - Interactive high-level object-oriented language (standard library
 libpython2.7-testsuite - Testsuite for the Python standard library (v2.7)
 python2.7  - Interactive high-level object-oriented language (version 2.7)
 python2.7-dbg - Debug Build of the Python Interpreter (version 2.7)
 python2.7-dev - Header files and a static library for Python (v2.7)
 python2.7-doc - Documentation for the high-level object-oriented language Python
 python2.7-examples - Examples for the Python language (v2.7)
 python2.7-minimal - Minimal subset of the Python language (version 2.7)
Closes: 909673 912422 914072 921039 921040 924073
Launchpad-Bugs-Fixed: 1808476 1822993
Changes:
 python2.7 (2.7.16-2~18.10) cosmic-proposed; urgency=medium
 .
   * SRU: LP: #1822993.
 .
 python2.7 (2.7.16-2) unstable; urgency=high
 .
   [ Matthias Klose ]
   * CVE-2019-9636. Fix issue #36216: Add check for characters in netloc that
     normalize to separators. Closes: #924073.
   * CVE-2019-9948. Fix issue #35907: Stop urllib exposing the local_file schema
     (file://).
 .
   [ Dimitri John Ledkov ]
   * Bump Build-Depedency and Dependency of libssl-dev and libss1.1 to
     1.1.1 or higher. As TLS1.3 constants leak into ssl module, thus one
     shouldn't mix and match python2.7 & libssl1.1. LP: #1808476
 .
 python2.7 (2.7.16-1) unstable; urgency=medium
 .
   * Python 2.7.16 release.
     - Now has a version without a trailing '+'. Closes: #914072.
 .
 python2.7 (2.7.16~rc1-1) unstable; urgency=medium
 .
   * Python 2.7.16 release candidate 1.
 .
 python2.7 (2.7.15-9) unstable; urgency=medium
 .
   * Update to 20190216 from the 2.7 branch.
     - Backport of TLS 1.3 related fixes from 3.7.
   * Drop the local TLS 1.3 backports.
 .
 python2.7 (2.7.15-8) unstable; urgency=medium
 .
   * Fix typo in autopkg test.
 .
 python2.7 (2.7.15-7) unstable; urgency=medium
 .
   * Expect the test_site test failing as in 3.7.
 .
 python2.7 (2.7.15-6) unstable; urgency=medium
 .
   * Update to 20190201 from the 2.7 branch.
     - CVE-2013-1752: Limit imaplib.IMAP4_SSL.readline().
     - CVE-2018-14647: _elementtree.c doesn't call XML_SetHashSalt().
       Closes: #921039.
     - CVE-2019-5010: DsO vulnerability exists in the X509 certificate parser.
       Closes: #921040.
   * Bump standards version.
   * Update symbols file.
 .
 python2.7 (2.7.15-5) unstable; urgency=medium
 .
   * Update to 20181127 from the 2.7 branch.
     - Fix issue #20744, running an external 'zip' in shutil.make_archive().
       CVE-2018-1000802. Closes: #909673.
   * Cherrypick in-progress backports to 2.7 branch from 3.6 branch to fix
     test_ssl assertions with openssl 1.1.1. Resolves autopkgtest failure
     of the 2.7 with openssl 1.1.1 (Dimitri John Ledkov).
   * Don't hard code location of netinet/in.h. Closes: #912422.
   * Update VCS attributes.
Checksums-Sha1:
 f1dd4ca5fa6e6becda069aa0321540c0dc1a54d2 3379 python2.7_2.7.16-2~18.10.dsc
 c4f143e1199957cb89237ab723f1406d244e6f66 288185 python2.7_2.7.16-2~18.10.diff.gz
 abdcf5820377e4705de2267877afcdaa5467323b 11069 python2.7_2.7.16-2~18.10_source.buildinfo
Checksums-Sha256:
 87f5bf23fe2d98c758d320fbc9480e3fb73338994ec56b0c72e72da6b8060f07 3379 python2.7_2.7.16-2~18.10.dsc
 15de57aee4aa5c6ac74667e95d185c6723188e119b6f510d94431e3e9608127c 288185 python2.7_2.7.16-2~18.10.diff.gz
 c6a8e91e58a633d8b457d3e7a9ed8cf30d7e6ca12bc677539a15ac0ca66909be 11069 python2.7_2.7.16-2~18.10_source.buildinfo
Files:
 490b33489d6aeec0ed306ba83d9e5c79 3379 python optional python2.7_2.7.16-2~18.10.dsc
 da9fdd2b742f51e10db01d1ab913cc5c 288185 python optional python2.7_2.7.16-2~18.10.diff.gz
 382bf745145a6ae2ef28b93da35e70a2 11069 python optional python2.7_2.7.16-2~18.10_source.buildinfo

More information about the Cosmic-changes mailing list