-
python2.7 (2.7.18-1~20.04.4) focal; urgency=medium
* Add d/p/add-optimization-flags-to-cflags.diff: Add optimization flags to
cflags when compiling C modules. (LP: #2002043)
-- Mitchell Dzurick <email address hidden> Wed, 31 Jan 2024 09:23:13 -0700
-
python2.7 (2.7.18-1~20.04.3) focal-security; urgency=medium
* SECURITY UPDATE: Injection Attack
- debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe
filenames/types/param in Lib/mailcap.py.
- CVE-2015-20107
-- Leonidas Da Silva Barbosa <email address hidden> Fri, 01 Jul 2022 09:27:04 -0300
-
python2.7 (2.7.18-1~20.04.1) focal-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2019-9674.patch: add pitfalls to
zipfile module doc in Doc/library/zipfile.rst,
Misc/NEWS.d/next/Documentation/2019-06-04-09-29-00.bpo-36260.WrGuc-.rst.
- CVE-2019-9674
* SECURITY UPDATE: Misleading information
- debian/patches/CVE-2019-17514.patch: explain that the orderness of the
of the result is system-dependant in Doc/library/glob.rst.
- CVE-2019-17514
* SECURITY UPDATE: Infinite loop
- debian/patches/CVE-2019-20907.patch: avoid infinite loop in the
tarfile module in Lib/tarfile.py, Lib/test/test_tarfile.py.
- CVE-2019-20907
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2020-8492.patch: fix the regex to prevent
the regex denial of service in Lib/urllib2.py.
- CVE-2020-8492
* SECURITY UPDATE: CRLF injection
- debian/patches/CVE-2020-26116.patch: prevent header injection
in http methods in Lib/httplib.py, Lib/test/test_httlib.py.
- CVE-2020-26116
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2021-3177.patch: use improved patch backport.
- CVE-2021-3177
-- Paulo Flabiano Smorigo <email address hidden> Mon, 08 Mar 2021 13:02:45 +0000
-
python2.7 (2.7.18-1~20.04) focal; urgency=medium
* SRU: LP: #1890272: Update to to the final 2.7.18 release.
-- Matthias Klose <email address hidden> Tue, 04 Aug 2020 13:16:42 +0200
-
python2.7 (2.7.18~rc1-2) unstable; urgency=medium
* Ignore some autopkg tests:
- test_ssl: Fails with OPENSSL_TLS_SECURITY_LEVEL=2.
- tst_io: Fails on Ubuntu's autopkg test infrastructure.
* Lower OpenSSL security level from 2 to 1 during testing as test_ssl
assumes that.
* Add XB-Cnf-Visible-Pkgname header on the python*-minimal package to
point command-not-found at the full one. LP: #1867157
-- Matthias Klose <email address hidden> Tue, 07 Apr 2020 14:05:55 +0200
-
python2.7 (2.7.17-1ubuntu6) focal; urgency=medium
* Add XB-Cnf-Visible-Pkgname header on the python*-minimal package to
point command-not-found at the full one. LP: #1867157
-- Dimitri John Ledkov <email address hidden> Fri, 13 Mar 2020 12:42:15 +0000
-
python2.7 (2.7.17-1ubuntu5) focal; urgency=medium
* Make autopkgtests cross-test-friendly.
-- Steve Langasek <email address hidden> Tue, 21 Jan 2020 15:28:51 -0800
-
python2.7 (2.7.17-1ubuntu4) focal; urgency=medium
* Disable the lto build on armhf.
-- Matthias Klose <email address hidden> Thu, 16 Jan 2020 19:19:58 +0100
-
python2.7 (2.7.17-1ubuntu3) focal; urgency=medium
* Lower OpenSSL security level from 2 to 1 during testing as test_ssl
assumes that.
-- Dimitri John Ledkov <email address hidden> Thu, 16 Jan 2020 12:29:52 +0000
-
python2.7 (2.7.17-1ubuntu2) focal; urgency=medium
* Ignore some autopkg tests:
- tst_io: Fails on Ubuntu's autopkg test infrastructure.
-- Matthias Klose <email address hidden> Wed, 15 Jan 2020 18:10:55 +0100
-
python2.7 (2.7.17-1ubuntu1) focal; urgency=medium
* Ignore some autopkg tests:
- test_ssl: Fails with OPENSSL_TLS_SECURITY_LEVEL=2.
-- Matthias Klose <email address hidden> Mon, 13 Jan 2020 11:18:15 +0100
-
python2.7 (2.7.17-1build1) focal; urgency=medium
* No-change rebuild for libffi soname change.
-- Matthias Klose <email address hidden> Sun, 12 Jan 2020 08:30:04 +0000
-
python2.7 (2.7.17-1) unstable; urgency=medium
* Python 2.7.17 release.
-- Matthias Klose <email address hidden> Sun, 20 Oct 2019 01:36:22 +0200
-
python2.7 (2.7.17~rc1-1) unstable; urgency=medium
* Python 2.7.17 release candidate 1.
- CVE-2019-16056, don't parse domains containing @. Closes: #940901.
* Bump standards version.
-- Matthias Klose <email address hidden> Thu, 10 Oct 2019 12:26:01 +0200