Re: CVE-2011-1521 - fixed packet
On Thu, Jul 19, 2012 at 12:44:36PM +0200, Arne Wichmann wrote:
> Ok, I just created a fixed version of python2.6 for my own use. Whoever is
> interested can find it at [1] for the time being. If anybody has comments
> or improvements I am also interested.
>
> [1] http://www.saar.de/~aw/debian/python2.6_2.6.6-8.aw1.dsc
> http://www.saar.de/~aw/debian/python2.6_2.6.6-8.aw1.diff.gz
> http://www.saar.de/~aw/debian/python2.6_2.6.6-8.aw1_i386.build
> http://www.saar.de/~aw/debian/python2.6_2.6.6-8.aw1_i386.changes
> http://www.saar.de/~aw/debian/python2.6_2.6.6-8.aw1_i386.deb
>
> cu
>
> AW
> --
> [...] If you don't want to be restricted, don't agree to it. If you are
> coerced, comply as much as you must to protect yourself, just don't support
> it. Noone can free you but yourself. (crag, on Debian Planet)
> Arne Wichmann (aw@linux.de)
Debian security tracker says currently:
CVE-2011-1521 (The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x ...)
- python3.1 <removed> (bug #628453)
- python3.2 3.2-3
- python2.7 2.7.1-7
- python2.6 2.6.7-1 (bug #628455)
- python2.5 <removed>
- python2.4 <removed>
NOTE: http://bugs.python.org/issue11662
Bug #628455 is still marked as done. What is needed to be done exactly to get this issue closed permanently? :)
- Henri Salo
Reply to: