← Back to team overview

touch-packages team mailing list archive

[Bug 1351180] Re: Python security issue #16039, #16041 and #16042 looks not be fixed on Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due to unlimited readline() from connection)

 

This is CVE-2013-1752 which is rated as having a 'Low' priority. It
should be fixed in a future python update.

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-1752

** Changed in: python2.7 (Ubuntu)
       Status: New => Triaged

** Changed in: python2.7 (Ubuntu)
   Importance: Undecided => Low

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1351180

Title:
  Python security issue #16039, #16041 and #16042 looks not be fixed on
  Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due
  to unlimited readline() from connection)

Status in “python2.7” package in Ubuntu:
  Triaged

Bug description:
  I found that below Python security issues may not be yet fixed on
  Python 2.7.6 bundled with 14.04LTS. It looks those patches are already
  applied to Python 3.4 on 14.04LTS. It looks those patches are not
  included in upstream souce codes on both 2.7.6 and latest 2.7 version
  (2.7.8).

  http://bugs.python.org/issue16039
  http://bugs.python.org/issue16041
  http://bugs.python.org/issue16042

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1351180/+subscriptions