touch-packages team mailing list archive

Thread
Date

[Bug 1351180] Re: Python security issue #16039, #16041 and #16042 looks not be fixed on Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due to unlimited readline() from connection)

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Takenori MATSUMOTO <1351180@xxxxxxxxxxxxxxxxxx>
Date: Fri, 01 Aug 2014 08:18:09 -0000
Reply-to: Bug 1351180 <1351180@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1351180

Title:
  Python security issue #16039, #16041 and #16042 looks not be fixed on
  Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due
  to unlimited readline() from connection)

Status in “python2.7” package in Ubuntu:
  New

Bug description:
  I found that below Python security issues may not be yet fixed on
  Python 2.7.6 bundled with 14.04LTS. It looks those patches are already
  applied to Python 3.4 on 14.04LTS. It looks those patches are not
  included in upstream souce codes on both 2.7.6 and latest 2.7 version
  (2.7.8).

  http://bugs.python.org/issue16039
  http://bugs.python.org/issue16041
  http://bugs.python.org/issue16042

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1351180/+subscriptions