[DLA 25-1] python2.6 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Package : python2.6
Version : 2.6.6-8+deb6u1
CVE ID : CVE-2011-1015 CVE-2011-1521 CVE-2011-4940 CVE-2011-4944
CVE-2012-0845 CVE-2012-1150 CVE-2013-4238 CVE-2014-1912
Multiple vulnerabilities were discovered in python2.6. The more
relevant are:
CVE-2013-4238
Incorrect handling of NUL bytes in certificate hostnames may allow
server spoofing via specially-crafted certificates signed by
a trusted Certification Authority.
CVE-2014-1912
Buffer overflow in socket.recvfrom_into leading to application
crash and possibly code execution.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iEYEARECAAYFAlPasBQACgkQYy49rUbZzloDRACbBvBmhXP/ruUfG1A82ID6MyW3
C5UAn15SLj2jAfIIn1czbdgm3obw0Kpd
=WCtU
-----END PGP SIGNATURE-----
Reply to: