Bug#829135: jessie-pu: package python2.7/2.7.9-2+deb8u1
Control: tags -1 + confirmed
On Thu, 2016-06-30 at 22:17 +0200, Moritz Muehlenhoff wrote:
> +python2.7 (2.7.9-2+deb8u1) jessie; urgency=medium
> +
> + * Backport upstream commit b3ce713fb9beebfff9848cefa0acbd59acc68fe9
> + to address StartTLS stripping attack in smtplib (CVE-2016-0772)
> + * Backport upstream commit 985fc64c60d6adffd1138b6cc46df388ca91ca5d
> + to address integer overflow in zipimporter (CVE-2016-5636)
> + * Backport upstream commit 1c45047c51020d46246385949d5c02e026d47320
> + to address HTTP header injection (CVE-2016-5699)
Please go ahead.
Regards,
Adam
Reply to: