[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#926779: unblock: python2.7/2.7.16-2

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock python2.7, fixing two CVEs, and fixing a potential upgrade issue
with partial upgrades:

Changes:
 python2.7 (2.7.16-2) unstable; urgency=high
 .
   [ Matthias Klose ]
   * CVE-2019-9636. Fix issue #36216: Add check for characters in netloc that
     normalize to separators. Closes: #924073.
   * CVE-2019-9948. Fix issue #35907: Stop urllib exposing the local_file schema
     (file://).
 .
   [ Dimitri John Ledkov ]
   * Bump Build-Depedency and Dependency of libssl-dev and libss1.1 to
     1.1.1 or higher. As TLS1.3 constants leak into ssl module, thus one
     shouldn't mix and match python2.7 & libssl1.1. LP: #1808476
Reply to: