← Back to team overview

touch-packages team mailing list archive

  1. touch-packages team
  2. Mailing list archive
  3. Message #59177

[Bug 1351180] Re: Python security issue #16039, #16041 and #16042 looks not be fixed on Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due to unlimited readline() from connection)

  Thread PreviousDate PreviousThread Next 
fixed for 15.04 / vivid

** Also affects: python2.7 (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Changed in: python2.7 (Ubuntu)
       Status: Triaged => Fix Released

** Changed in: python2.7 (Ubuntu Trusty)
   Importance: Undecided => Low

** Changed in: python2.7 (Ubuntu Trusty)
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1351180

Title:
  Python security issue #16039, #16041 and #16042 looks not be fixed on
  Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due
  to unlimited readline() from connection)

Status in python2.7 package in Ubuntu:
  Fix Released
Status in python2.7 source package in Trusty:
  Triaged

Bug description:
  I found that below Python security issues may not be yet fixed on
  Python 2.7.6 bundled with 14.04LTS. It looks those patches are already
  applied to Python 3.4 on 14.04LTS. It looks those patches are not
  included in upstream souce codes on both 2.7.6 and latest 2.7 version
  (2.7.8).

  http://bugs.python.org/issue16039
  http://bugs.python.org/issue16041
  http://bugs.python.org/issue16042

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1351180/+subscriptions
  Thread PreviousDate PreviousThread Next