Accepted python2.7 2.7.3-6+deb7u3 (source all i386) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 19 Jun 2016 17:03:02 +0200
Source: python2.7
Binary: python2.7 python2.7-minimal libpython2.7 python2.7-examples python2.7-dev idle-python2.7 python2.7-doc python2.7-dbg
Architecture: source all i386
Version: 2.7.3-6+deb7u3
Distribution: wheezy-security
Urgency: low
Maintainer: Matthias Klose <doko@debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
idle-python2.7 - IDE for Python (v2.7) using Tkinter
libpython2.7 - Shared Python runtime library (version 2.7)
python2.7 - Interactive high-level object-oriented language (version 2.7)
python2.7-dbg - Debug Build of the Python Interpreter (version 2.7)
python2.7-dev - Header files and a static library for Python (v2.7)
python2.7-doc - Documentation for the high-level object-oriented language Python
python2.7-examples - Examples for the Python language (v2.7)
python2.7-minimal - Minimal subset of the Python language (version 2.7)
Changes:
python2.7 (2.7.3-6+deb7u3) wheezy-security; urgency=low
.
* Non-maintainer upload by the Wheezy LTS Team.
* CVE-2016-0772
A vulnerability in smtplib allowing MITM attacker to perform a
startTLS stripping attack. smtplib does not seem to raise an
exception when the remote end (smtp server) is capable of
negotiating starttls but fails to respond with 220 (ok) to an
explicit call of SMTP.starttls(). This may allow a malicious
MITM to perform a startTLS stripping attack if the client code
does not explicitly check the response code for startTLS.
* CVE-2016-5636
Issue #26171: Fix possible integer overflow and heap corruption
in zipimporter.get_data().
* CVE-2016-5699
Protocol injection can occur not only if an application sets a
header based on user-supplied values, but also if the application
ever tries to fetch a URL specified by an attacker (SSRF case) OR
if the application ever accesses any malicious web server
(redirection case).
Checksums-Sha1:
33cdccf5ab7217baaa2de1916d3ab961ce1ad765 2838 python2.7_2.7.3-6+deb7u3.dsc
7eb972b37f596bea7215efce2da40fcb24bed5d9 14216076 python2.7_2.7.3.orig.tar.gz
f364fb28416e44beeea888168f037909ad7a4617 543919 python2.7_2.7.3-6+deb7u3.diff.gz
decd84517a672453d72f831376a68f0ba93a50dc 709464 python2.7-examples_2.7.3-6+deb7u3_all.deb
d12275f04b47872d89f9a91ccd12bc02fef928dd 303526 idle-python2.7_2.7.3-6+deb7u3_all.deb
caf10db79a09dd81d9a432dc98d3a15e5c062bcf 6273168 python2.7-doc_2.7.3-6+deb7u3_all.deb
669e67d1cbff72040c5d154b321e919c1b78ee6f 2700670 python2.7_2.7.3-6+deb7u3_i386.deb
3f0ca0ba5fc3740ca817d5d5a24825b27864f20d 1730034 python2.7-minimal_2.7.3-6+deb7u3_i386.deb
537af6294be62ad3825b9e73bf8f1133556c4499 1165902 libpython2.7_2.7.3-6+deb7u3_i386.deb
cd83be30757d8bcdf65f84b65741a1caaf52e93f 22470230 python2.7-dev_2.7.3-6+deb7u3_i386.deb
a9503dd536d5e8bda5cd7591567f04bce048255f 15085730 python2.7-dbg_2.7.3-6+deb7u3_i386.deb
Checksums-Sha256:
84bb99b355a0ffcb82c06e9251cba8d189e925310b7acb4bf38ee3876335d323 2838 python2.7_2.7.3-6+deb7u3.dsc
68bddd390a22ce9a9946ad711fc0042c831889be1f8ff79c0945f7a973e05bda 14216076 python2.7_2.7.3.orig.tar.gz
341663a1c9f9ec6df1974824e46bfecc4ad6454d1b77c735cecaa81ca095ec2f 543919 python2.7_2.7.3-6+deb7u3.diff.gz
74c4842c7744698beb67a6ad6bb9cbe6420bfa61ce95e077ffa7e24e1b131ab6 709464 python2.7-examples_2.7.3-6+deb7u3_all.deb
49868f1ea408e89f46d351eb0a112657217f9da6c0924ddc965b7a904a971e5d 303526 idle-python2.7_2.7.3-6+deb7u3_all.deb
4818eb371296e05208f35fde3b96528fa78d7898ce3376e30399add75593c374 6273168 python2.7-doc_2.7.3-6+deb7u3_all.deb
9d3c00bf167baccfafe2de14418b8fab1ecaf684d617f3fb63d925746e1c5a95 2700670 python2.7_2.7.3-6+deb7u3_i386.deb
df8d249f312eb86321a297dce6e169dfecc45821c294659ae1c298e441fed976 1730034 python2.7-minimal_2.7.3-6+deb7u3_i386.deb
240822f4064c2b68e9d76326e5f40514a4fe4dc600567e5e53ea70d2992ebdd9 1165902 libpython2.7_2.7.3-6+deb7u3_i386.deb
2aaee86c45b40fb26929d1d6d859a7e70761e9c61554192e1298a2fb7f85165a 22470230 python2.7-dev_2.7.3-6+deb7u3_i386.deb
24ca46695b251de156b4d99a1feffe279c1dd1ac01be8ef70168e04e59adeec6 15085730 python2.7-dbg_2.7.3-6+deb7u3_i386.deb
Files:
550b3b539c28e1c42937ad2c78e8624d 2838 python optional python2.7_2.7.3-6+deb7u3.dsc
20e7d671051f7a8c81d58965efcdf638 14216076 python optional python2.7_2.7.3.orig.tar.gz
54ad4a215e896c32597861f4554a0e2e 543919 python optional python2.7_2.7.3-6+deb7u3.diff.gz
dfb9bc904eb03fa7b389af6e3346d0f9 709464 python optional python2.7-examples_2.7.3-6+deb7u3_all.deb
35c04b26f30a1ef90df523cbf21913bd 303526 python optional idle-python2.7_2.7.3-6+deb7u3_all.deb
23c1103bde9b8055b176fd0fb45d1cec 6273168 doc optional python2.7-doc_2.7.3-6+deb7u3_all.deb
67d375756f15d65935dc94bed7371207 2700670 python optional python2.7_2.7.3-6+deb7u3_i386.deb
5159aea1294c908be26c3e35f73399ae 1730034 python optional python2.7-minimal_2.7.3-6+deb7u3_i386.deb
7f6953fef131a514d23ac999919c92c6 1165902 libs optional libpython2.7_2.7.3-6+deb7u3_i386.deb
708f6c8a97711ccb3d9964216b955e51 22470230 python optional python2.7-dev_2.7.3-6+deb7u3_i386.deb
d8533633c603920cb4c067357bd96b11 15085730 debug extra python2.7-dbg_2.7.3-6+deb7u3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJXaXyzXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHX9wQAKi71hux1FtW9Rlnmw2ezjaU
lAkzAdHnB+v5Dhm2i+vUy1Dk6dkftfEqM5PtId4a/5fPAPwr6StTU+rTD5JzxLF8
ixp2jTvnnqJ8/W9/tGpJh7OETxa4WHx0FUMCuAzxf0MwhhRNijogQxjEhbWfawYj
ac7axN3n+ayG3ira0q+05YUaCV+1iGYhzq6CiOb39421kBSfBfbPgF5Aj6UtauBW
JSMl2wQgclDiV/9WMN+nQV8rV62ah+X/S9fjzonchLC7j5VSqujoAiccKNeCoZ+r
YLrfT4k4yDMA+gGrRN+cuqfZxmXnMrtbtGl3y1oGLGO9JsaTvXSTfSD/V66lfFeq
1ts8o8mKV+mD4wtJGXdXmloZXyLkmI5WWpGjJB5RL/KUAJ8X0ZgwRG3ueCoxbWlI
3VQFkHbQTLeHsOQkxYeQ7VT+EWuXZSFjN5iQeXLJGxBTLDvR6ubTToSui9Noh+2k
PIsOcudtaGXqLgxBx6DQlfdxIzU61q9f3ZRh/N9XycaN2KEVX5a0QHZHrqGKKfYK
+3hlcJCLoVb6eCwJH1Y3gTE3N9RHS6+g+V73ZoZwCPZzjy3qV0gHaKKG+OsZSefT
MYyqxKXEw3fm/xw8/o8W7fJd+9lPP+9ukK3HPUNFYx4moAFJ48ixZCgDsWwwnwpZ
fEYzZ2GMIoCsfs/5dds4
=fRy7
-----END PGP SIGNATURE-----
Reply to: