Bug#829135: jessie-pu: package python2.7/2.7.9-2+deb8u1

To: Moritz Muehlenhoff <jmm@debian.org>, 829135@bugs.debian.org
Subject: Bug#829135: jessie-pu: package python2.7/2.7.9-2+deb8u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Tue, 12 Jul 2016 21:55:23 +0100
Message-id: <[🔎] 1468356923.10690.27.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 829135@bugs.debian.org
In-reply-to: <146731784942.4577.2505993632162903728.reportbug@pisco.westfalen.local>
References: <146731784942.4577.2505993632162903728.reportbug@pisco.westfalen.local>

Control: tags -1 + confirmed

On Thu, 2016-06-30 at 22:17 +0200, Moritz Muehlenhoff wrote:
> +python2.7 (2.7.9-2+deb8u1) jessie; urgency=medium
> +
> +  * Backport upstream commit b3ce713fb9beebfff9848cefa0acbd59acc68fe9
> +    to address StartTLS stripping attack in smtplib (CVE-2016-0772)
> +  * Backport upstream commit 985fc64c60d6adffd1138b6cc46df388ca91ca5d
> +    to address integer overflow in zipimporter (CVE-2016-5636)
> +  * Backport upstream commit 1c45047c51020d46246385949d5c02e026d47320
> +    to address HTTP header injection (CVE-2016-5699)

Please go ahead.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: Bug#829135: jessie-pu: package python2.7/2.7.9-2+deb8u1
Next by Date: Bug#829136: jessie-pu: package harfbuzz/0.9.35-2+deb8u1
Previous by thread: Processed: Re: Bug#823911: jessie-pu: package debian-security-support/2016.05.09+nmu1~deb8u1
Next by thread: Processed: Re: Bug#829135: jessie-pu: package python2.7/2.7.9-2+deb8u1
Index(es):
- Date
- Thread