-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 20 Feb 2021 18:14:40 +0100 Source: python2.7 Architecture: source Version: 2.7.18-2 Distribution: unstable Urgency: medium Maintainer: Matthias Klose <doko@debian.org> Changed-By: Matthias Klose <doko@debian.org> Closes: 939514 970099 Changes: python2.7 (2.7.18-2) unstable; urgency=medium . * Fix issue #39017: Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907). * Backport of 0b297d4ff1c0e4480ad33acae793fbaf4bf015b4, trimmed down to the fix for CVE-2020-8492. Closes: #970099. * Fix FTCBFS: Add back a dependency on python2.7:any (Helmut Grohne). Closes: #939514. * Fix issue #42938: Replace snprintf with Python unicode formatting in ctypes param reprs (CVE-2021-3177) (Saif Hakim). LP: #1916117. Checksums-Sha1: 3dc209c7d98e948df1dfb397cb2280214ed0c7b7 3313 python2.7_2.7.18-2.dsc 3da6e44bb98ef24fffcb1a3a93c3b3ee666ff2c2 289598 python2.7_2.7.18-2.diff.gz 0b736841bbae42b0b2d8902ece40c371fec9e4a8 10196 python2.7_2.7.18-2_source.buildinfo Checksums-Sha256: 51a4c812f07ed73a791e09da0374505eeb7b6a482baf1565ce2cf605fe3cb73b 3313 python2.7_2.7.18-2.dsc b3cbfd41205d722f011ed1f60cd4e045e103a2d101a4de07ed3f9916c177fe1e 289598 python2.7_2.7.18-2.diff.gz c94ad27726a3010f2247cb50eecfa8f28e0497b139f5f2587757b23d6c096c87 10196 python2.7_2.7.18-2_source.buildinfo Files: c24e91205a75fbe300769172501cb48e 3313 python optional python2.7_2.7.18-2.dsc b6886958d98e3e95c0a05483b9983c48 289598 python optional python2.7_2.7.18-2.diff.gz f42c8145f5aea56aa3b2aaa7c8c03308 10196 python optional python2.7_2.7.18-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEE1WVxuIqLuvFAv2PWvX6qYHePpvUFAmAxSpwQHGRva29AZGVi aWFuLm9yZwAKCRC9fqpgd4+m9S3VD/990veQ2O3EstIu1u3B6UjDQrA9Y2sEbi5h nC1+C/2WjPcp7LOI9+x7DqiwUz51E2LJB/cgTsMPRHk2kaFQHS2Cs57edQFx8vBh dX9IRSlOfYyn5TpU9qBtnSR7BVJgv4hHaFi/EGO0AVMPzByTPGHKkduNvWqqcXcc PWsglTZOHdYMulZXcQx06DztSp6rNasF9Irmq40S2mqXgTgSBCP1n1HbroUHa4lU bhdKpivaEq3WUC5C7PfJMpl1kGcIFT+IW7NIukEWerul2Q26hCaRkuqHfFPuvUlA X5eLlUr0A06TXA1vdDK9vJ8E1hatJH8k3EKYUudJccWzRnxZ2s1SP+znzk4ej8+F e/0+NK1fBvdERekogFU25fPJgDaIMBsqo/wfGHn8+ebj00/9s/LfiagVkIJZcbwA F4Oao1nKWM22XnHMCktihaCzikOp28SJCCZuXNsD2cJbjwooSGe1ymlpis236OYM 4raBVwzM0UXV/5IgVBu9T2v0lCAPxSmy19UpMOaL2Htj0hIk5TbPWKvWe+zbkBJG JKfOB5yyQbQ2u/6LV4tPBCYBqdhXIvTlVv0goAnrAMd4N+mfo3ZCjd1InrunhZIC k0jz4m6CABx+O8n/Xt3DumemB1WcfzmtpCqzFEkpL89xCvhauJUjLR+j9zmO3/Yt MFJ91UjOJg== =KCfd -----END PGP SIGNATURE-----