touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #08376
[Bug 1351224] Re: Python security issue #14621 (Hash function is not randomized properly)
Thank you for using Ubuntu and reporting a bug. We will not be issuing a
security update for this issue. Please see http://people.canonical.com
/~ubuntu-security/cve/2013/CVE-2013-7040.html for details.
** Information type changed from Private Security to Public Security
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-7040
** Changed in: python2.7 (Ubuntu)
Importance: Undecided => Low
** Changed in: python2.7 (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1351224
Title:
Python security issue #14621 (Hash function is not randomized
properly)
Status in “python2.7” package in Ubuntu:
Won't Fix
Bug description:
Due to an incomplete fix for CVE-2012-1150, other CVE-2012-1150 [1] is reported. The following [2] is corresponding bug report in Python upstream.
I'm not 100% sure, but this vulnerability may affect to both Python 2.7 and 3.3 bundled with Ubuntu 14.04LTS.
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7040
[2] http://bugs.python.org/issue14621
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1351224/+subscriptions