lp:ubuntu/trusty-updates/python2.7
- Get this branch:
- bzr branch lp:ubuntu/trusty-updates/python2.7
Branch merges
Branch information
Recent revisions
- 106. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service in multiple servers
- debian/patches/ CVE-2013- 1752-httplib- 2.patch: limit amount of headers
in Lib/httplib.py, added test to Lib/test/test_httplib. py.
- debian/patches/ CVE-2013- 1752-poplib. patch: limit maximum line length
in Lib/poplib.py, added test to Lib/test/test_poplib. py.
- debian/patches/ CVE-2013- 1752-smtplib. patch: limit amount read from
the network in Lib/smtplib.py, added test to
Lib/test/test_ smtplib. py.
- CVE-2013-1752
* SECURITY UPDATE: denial of service via xmlrpc gzip-compressed
HTTP bodies
- debian/patches/ CVE-2013- 1753.patch: add default limit in
Lib/xmlrpclib. py, added test to Lib/test/ test_xmlrpc. py.
- CVE-2013-1753
* SECURITY UPDATE: arbitrary memory read via idx argument
- debian/patches/ CVE-2014- 4616.patch: reject negative idx values in
Modules/_json.c, added test to Lib/json/ tests/test_ decode. py.
- CVE-2014-4616
* SECURITY UPDATE: code execution or file disclosure via CGIHTTPServer
- debian/patches/ CVE-2014- 4650.patch: url unquote path in
Lib/CGIHTTPServer. py, added test to Lib/test/ test_httpserver s.py.
- CVE-2014-4650
* SECURITY UPDATE: information disclosure via buffer function
- debian/patches/ CVE-2014- 7185.patch: avoid overflow in
Objects/bufferobject. c, added test to Lib/test/ test_buffer. py.
- CVE-2014-7185 - 105. By Matthias Klose
-
* Update to 20140322, taken from the 2.7 branch.
* Install updated idle icons. LP: #1295969.
* Update the ssl.match_hostname backport: Change behavior of
``ssl.match_hostname( )`` to follow RFC 6125, for security reasons.
It now doesn't match multiple wildcards nor wildcards inside IDN fragments.
Closes: #740255. - 103. By Matthias Klose
-
* Update to 20140225, taken from the 2.7 branch.
- CVE-2014-1912. Fix issue 20246, buffer overflow in socket.recvfrom_ into.
* Build without ffi on or1k. Closes: #738519.
* Allow loading of extensions in the sqlite module. Closes: #739555.
* Update autopkg tests (Martin Pitt):
- Don't fail if apport is not installed.
- Call su with explicit shell, as nobody has nologin as default shell now.
- Only use $SUDO_USER if that user actually exists in the testbed.
- Drop obsolete chowning of $TMPDIR and $ADTTMP; with current autopkgtest
$TMPDIR has appropriate permissions, and $ADTTMP is not being used. - 102. By Matthias Klose
-
* Update to 20140111, taken from the 2.7 branch.
* Build-depend on net-tools, required for the test_uuid test.
* Build-depend on the default Tcl/Tk.
* Add two new autopkg tests to run the failing tests. - 100. By Matthias Klose
-
* Update to 20131230, taken from the 2.7 branch.
* Disable sphinx refcounting extension, removed in sphinx-1.2.
Closes: #733404. - 98. By Matthias Klose
-
* Update to 20131206, taken from the 2.7 branch.
* Disable the test_uuid autopkg test, hanging, missing entropy?
* Drop python dependency in libpython2.7-dbg.
* Revert patch from http://bugs.python. org/issue19352 as it completely breaks
unittest discovery on Debian/Ubuntu. LP: #1255505. - 97. By Martin Pitt
-
Add debian/
patches/ revert- unittest- loader- symlinks19352. diff: Revert patch
from http://bugs.python. org/issue19352 as it completely breaks unittest
discovery on Debian/Ubuntu. (LP: #1255505)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/wily/python2.7