UbuntuUpdates.org

Package "libpython2.7-minimal"

Name: libpython2.7-minimal

Description:

Minimal subset of the Python language (version 2.7)

Latest version: 2.7.18-13ubuntu1.4
Release: jammy (22.04)
Level: security
Repository: universe
Head package: python2.7

Links


Download "libpython2.7-minimal"


Other versions of "libpython2.7-minimal" in Jammy

Repository Area Version
base universe 2.7.18-13ubuntu1
updates universe 2.7.18-13ubuntu1.4

Changelog

Version: 2.7.18-13ubuntu1.4 2024-11-22 04:06:51 UTC

  python2.7 (2.7.18-13ubuntu1.4) jammy-security; urgency=medium

  * SECURITY REGRESSION: regression for CVE-2024-6232
    - d/p/fix-regression-lp2089071.patch: fix incomplete update for
      CVE-2024-6232 (LP: #2089071)

 -- Nishit Majithia <email address hidden> Thu, 21 Nov 2024 15:31:26 +0530

Source diff to previous version
2089071 tarfile.py regression: \
CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile heade

Version: 2.7.18-13ubuntu1.3 2024-11-19 14:06:49 UTC

  python2.7 (2.7.18-13ubuntu1.3) jammy-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2024-6232.patch: Remove backtracking when parsing
      tarfile headers
    - CVE-2024-6232
  * SECURITY UPDATE: header injection issue
    - debian/patches/CVE-2024-6923.patch: Encode newlines in headers
    - CVE-2024-6923

 -- Nishit Majithia <email address hidden> Wed, 13 Nov 2024 10:22:30 +0530

Source diff to previous version
CVE-2024-6232 There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile heade
CVE-2024-6923 There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an

Version: 2.7.18-13ubuntu1.1 2022-07-14 15:06:41 UTC

  python2.7 (2.7.18-13ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Injection Attack
    - debian/patches/CVE-2015-20107.patch: Make mailcap refuse to match unsafe
      filenames/types/param in Lib/mailcap.py.
    - CVE-2015-20107

 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 01 Jul 2022 07:30:50 -0300

CVE-2015-20107 In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This m



About   -   Send Feedback to @ubuntu_updates