Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise/python3.2 bug 2 Mature 2012-04-12 16:51:21 UTC 2012-04-12
36. * Python 3.2.3 release. * Use xdg-ope...

Author: Matthias Klose
Revision Date: 2012-04-12 16:52:42 UTC

* Python 3.2.3 release.
* Use xdg-open/gvfs-open in Lib/webbrowser.py (Michael Vogt).
  LP: #971311.

lp:ubuntu/precise-proposed/python3.2 bug 2 Mature 2013-07-05 08:25:10 UTC 2013-07-05
41. debian/patches/atomic-pyc-rename.diff...

Author: Barry Warsaw
Revision Date: 2013-06-07 17:13:32 UTC

debian/patches/atomic-pyc-rename.diff: Add patch to fix possible race
conditions when writing .pyc/.pyo files in py_compile.py.
Issue #13146. LP: #1058884

lp:ubuntu/precise-security/python3.2 2 Mature 2016-11-15 14:34:45 UTC 2016-11-15
41. * SECURITY UPDATE: StartTLS stripping...

Author: Steve Beattie
Revision Date: 2016-11-15 14:34:45 UTC

* SECURITY UPDATE: StartTLS stripping attack
  - debian/patches/CVE-2016-0772.patch: raise an error when
    STARTTLS fails in Lib/smtplib.py.
  - CVE-2016-0772
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
  scripts (aka HTTPOXY attack)
  - debian/patches/CVE-2016-1000110.patch: if running as CGI
    script, forget HTTP_PROXY in Lib/urllib.py, add test to
    Lib/test/test_urllib.py, add documentation.
  - CVE-2016-1000110
* SECURITY UPDATE: Integer overflow when handling zipfiles
  - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
    Modules/zipimport.c
  - debian/patches/CVE-2016-5636.patch: check for too large value in
    Modules/zipimport.c
  - CVE-2016-5636
* SECURITY UPDATE: CRLF injection vulnerability in the
  HTTPConnection.putheader
  - debian/patches/CVE-2016-5699.patch: disallow newlines in
    putheader() arguments when not followed by spaces or tabs in
    Lib/httplib.py, add tests in Lib/test/test_httplib.py
  - CVE-2016-5699

lp:ubuntu/precise-updates/python3.2 2 Mature 2016-11-15 14:34:45 UTC 2016-11-15
41. * SECURITY UPDATE: StartTLS stripping...

Author: Steve Beattie
Revision Date: 2016-11-15 14:34:45 UTC

* SECURITY UPDATE: StartTLS stripping attack
  - debian/patches/CVE-2016-0772.patch: raise an error when
    STARTTLS fails in Lib/smtplib.py.
  - CVE-2016-0772
* SECURITY UPDATE: use of HTTP_PROXY flag supplied by attacker in CGI
  scripts (aka HTTPOXY attack)
  - debian/patches/CVE-2016-1000110.patch: if running as CGI
    script, forget HTTP_PROXY in Lib/urllib.py, add test to
    Lib/test/test_urllib.py, add documentation.
  - CVE-2016-1000110
* SECURITY UPDATE: Integer overflow when handling zipfiles
  - debian/patches/CVE-2016-5636-pre.patch: check for negative size in
    Modules/zipimport.c
  - debian/patches/CVE-2016-5636.patch: check for too large value in
    Modules/zipimport.c
  - CVE-2016-5636
* SECURITY UPDATE: CRLF injection vulnerability in the
  HTTPConnection.putheader
  - debian/patches/CVE-2016-5699.patch: disallow newlines in
    putheader() arguments when not followed by spaces or tabs in
    Lib/httplib.py, add tests in Lib/test/test_httplib.py
  - CVE-2016-5699

14 of 4 results