Information on source package python2.7

Available versions

ReleaseVersion
jessie2.7.9-2+deb8u1
jessie (security)2.7.9-2+deb8u2
stretch (security)2.7.13-2+deb9u3
buster2.7.15-5
sid2.7.15-5

Open issues

BugjessiestretchbustersidDescription
CVE-2018-14647vulnerable (no DSA, postponed)fixedvulnerablevulnerablePython's elementtree C accelerator failed to initialise Expat's hash ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2018-1000030vulnerablevulnerablefixedfixedPython 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a ...
CVE-2017-17522vulnerablevulnerablevulnerablevulnerable** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not ...
CVE-2016-1000110vulnerablefixedfixedfixed
CVE-2013-7040vulnerablevulnerablevulnerablevulnerablePython 2.7 before 3.4 only uses the last eight bits of the prefix to ...

Resolved issues

BugDescription
CVE-2018-1061python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...
CVE-2018-1060python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is ...
CVE-2018-1000802Python Software Foundation Python (CPython) version 2.7 contains a ...
CVE-2017-1000158CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow ...
CVE-2016-5699CRLF injection vulnerability in the HTTPConnection.putheader function ...
CVE-2016-5636Integer overflow in the get_data function in zipimport.c in CPython ...
CVE-2016-0772The smtplib library in CPython (aka Python) before 2.7.12, 3.x before ...
CVE-2014-9365The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) ...
CVE-2014-7185Integer overflow in bufferobject.c in Python before 2.7.8 allows ...
CVE-2014-4650
CVE-2014-4616Array index error in the scanstring function in the _json module in ...
CVE-2014-2667Race condition in the _get_masked_mode function in Lib/os.py in Python ...
CVE-2014-1912Buffer overflow in the socket.recvfrom_into function in ...
CVE-2013-7440The ssl.match_hostname function in CPython (aka Python) before 2.7.9 ...
CVE-2013-7338Python before 3.3.4 RC1 allows remote attackers to cause a denial of ...
CVE-2013-4238The ssl.match_hostname function in the SSL module in Python 2.6 ...
CVE-2013-2099Algorithmic complexity vulnerability in the ssl.match_hostname ...
CVE-2013-1753
CVE-2013-1752
CVE-2012-1150Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x ...
CVE-2012-0845SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, ...
CVE-2011-4944Python 2.6 through 3.2 creates ~/.pypirc with world-readable ...
CVE-2011-4940The list_directory function in Lib/SimpleHTTPServer.py in ...
CVE-2011-3389The SSL protocol, as used in certain configurations in Microsoft ...
CVE-2011-1521The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x ...
CVE-2010-3492The asyncore module in Python before 3.2 does not properly handle ...
CVE-2010-2089The audioop module in Python 2.7 and 3.2 does not verify the ...
CVE-2010-1634Multiple integer overflows in audioop.c in the audioop module in ...
CVE-2010-1450Multiple buffer overflows in the RLE decoder in the rgbimg module in ...
CVE-2010-1449Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 ...
CVE-2009-4134Buffer underflow in the rgbimg module in Python 2.5 allows remote ...

Security announcements

DSA / DLADescription
DSA-4306-1python2.7 - security update
DLA-1519-1python2.7 - security update
DLA-1189-1python2.7 - security update
DLA-522-1python2.7 - security update
DSA-2880-1python2.7 - security update

Search for package or bug name: Reporting problems