Ubuntu
python2.7 package

Change logs for python2.7 source package in Focal

  1. Focal (20.04)
  2. Change log 
  • python2.7 (2.7.18-1~20.04.4) focal; urgency=medium

  * Add d/p/add-optimization-flags-to-cflags.diff: Add optimization flags to
    cflags when compiling C modules. (LP: #2002043)

 -- Mitchell Dzurick <email address hidden>  Wed, 31 Jan 2024 09:23:13 -0700
  • python2.7 (2.7.18-1~20.04.3) focal-security; urgency=medium

  * SECURITY UPDATE: Injection Attack
    - debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe
      filenames/types/param in Lib/mailcap.py.
    - CVE-2015-20107

 -- Leonidas Da Silva Barbosa <email address hidden>  Fri, 01 Jul 2022 09:27:04 -0300
  • python2.7 (2.7.18-1~20.04.1) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2019-9674.patch: add pitfalls to
      zipfile module doc in Doc/library/zipfile.rst,
      Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst.
    - CVE-2019-9674
  * SECURITY UPDATE: Misleading information
    - debian/patches/CVE-2019-17514.patch: explain that the orderness of the
      of the result is system-dependant in Doc/library/glob.rst.
    - CVE-2019-17514
  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2019-20907.patch: avoid infinite loop in the
      tarfile module in Lib/tarfile.py, Lib/test/test_tarfile.py.
    - CVE-2019-20907
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2020-8492.patch: fix the regex to prevent
      the regex denial of service in Lib/urllib2.py.
    - CVE-2020-8492
  * SECURITY UPDATE: CRLF injection
    - debian/patches/CVE-2020-26116.patch: prevent header injection
      in http methods in Lib/httplib.py, Lib/test/test_httlib.py.
    - CVE-2020-26116
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2021-3177.patch: use improved patch backport.
    - CVE-2021-3177

 -- Paulo Flabiano Smorigo <email address hidden>  Mon, 08 Mar 2021 13:02:45 +0000
  • python2.7 (2.7.18-1~20.04) focal; urgency=medium

  * SRU: LP: #1890272: Update to to the final 2.7.18 release.

 -- Matthias Klose <email address hidden>  Tue, 04 Aug 2020 13:16:42 +0200
  • python2.7 (2.7.18~rc1-2) unstable; urgency=medium

  * Ignore some autopkg tests:
    - test_ssl: Fails with OPENSSL_TLS_SECURITY_LEVEL=2.
    - tst_io: Fails on Ubuntu's autopkg test infrastructure.
  * Lower OpenSSL security level from 2 to 1 during testing as test_ssl
    assumes that.
  * Add XB-Cnf-Visible-Pkgname header on the python*-minimal package to
    point command-not-found at the full one. LP: #1867157

 -- Matthias Klose <email address hidden>  Tue, 07 Apr 2020 14:05:55 +0200
  • python2.7 (2.7.17-1ubuntu6) focal; urgency=medium

  * Add XB-Cnf-Visible-Pkgname header on the python*-minimal package to
    point command-not-found at the full one. LP: #1867157

 -- Dimitri John Ledkov <email address hidden>  Fri, 13 Mar 2020 12:42:15 +0000
  • python2.7 (2.7.17-1ubuntu5) focal; urgency=medium

  * Make autopkgtests cross-test-friendly.

 -- Steve Langasek <email address hidden>  Tue, 21 Jan 2020 15:28:51 -0800
  • python2.7 (2.7.17-1ubuntu4) focal; urgency=medium

  * Disable the lto build on armhf.

 -- Matthias Klose <email address hidden>  Thu, 16 Jan 2020 19:19:58 +0100
  • python2.7 (2.7.17-1ubuntu3) focal; urgency=medium

  * Lower OpenSSL security level from 2 to 1 during testing as test_ssl
    assumes that.

 -- Dimitri John Ledkov <email address hidden>  Thu, 16 Jan 2020 12:29:52 +0000
  • python2.7 (2.7.17-1ubuntu2) focal; urgency=medium

  * Ignore some autopkg tests:
    - tst_io: Fails on Ubuntu's autopkg test infrastructure.

 -- Matthias Klose <email address hidden>  Wed, 15 Jan 2020 18:10:55 +0100
  • python2.7 (2.7.17-1ubuntu1) focal; urgency=medium

  * Ignore some autopkg tests:
    - test_ssl: Fails with OPENSSL_TLS_SECURITY_LEVEL=2.

 -- Matthias Klose <email address hidden>  Mon, 13 Jan 2020 11:18:15 +0100
  • python2.7 (2.7.17-1build1) focal; urgency=medium

  * No-change rebuild for libffi soname change.

 -- Matthias Klose <email address hidden>  Sun, 12 Jan 2020 08:30:04 +0000
  • python2.7 (2.7.17-1) unstable; urgency=medium

  * Python 2.7.17 release.

 -- Matthias Klose <email address hidden>  Sun, 20 Oct 2019 01:36:22 +0200
  • python2.7 (2.7.17~rc1-1) unstable; urgency=medium

  * Python 2.7.17 release candidate 1.
    - CVE-2019-16056, don't parse domains containing @. Closes: #940901.
  * Bump standards version.

 -- Matthias Klose <email address hidden>  Thu, 10 Oct 2019 12:26:01 +0200