Re: python 2.6.6 -> python 2.6.8
Hi Henri,
thanks for your explanation.
On Mon, Jun 25, 2012 at 02:45:57PM +0300, Henri Salo wrote:
> On Mon, Jun 25, 2012 at 09:49:08AM +0200, Marc Haber wrote:
> > a colleague pointed me to the release notes of python 2.6.8, where the
> > following security issues are listed being fixed:
> >
> > * oCERT-2011-003, CVE-2012-1150, hash collision denial of service)
"[squeeze] - python2.6 <no-dsa> (Minor issue)" means that there will
be no DSA because the issue is so minor that the team decided not to
bother?
> > * CVE-2011-3389, disabling of the CBC IV attack countermeasure in the _ssl module
phyton is not listed in
http://security-tracker.debian.org/tracker/CVE-2011-3389, does that
mean that nobody yet identified python as being affected? How can
python be added here?
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061
Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062
Reply to: