Register | Log in

python2.7

Choose email to subscribe with

general

source: python2.7 (main)
version: 2.7.18-8+deb11u1
maintainer: Matthias Klose (DMD)
arch: all any
std-ver: 4.5.0
VCS: Git (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.7.16-2+deb10u1
o-o-sec: 2.7.16-2+deb10u4
oldstable: 2.7.18-8+deb11u1

versioned links

2.7.16-2+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.16-2+deb10u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.18-8+deb11u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

idle-python2.7
libpython2.7
libpython2.7-dbg
libpython2.7-dev
libpython2.7-minimal
libpython2.7-stdlib
libpython2.7-testsuite
python2.7
python2.7-dbg
python2.7-dev
python2.7-doc
python2.7-examples
python2.7-minimal

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:22:38
Last run: 2022-12-05T01:43:39.000Z
Previous status: unknown

testing: pass (log)
The tests ran in 0:23:23
Last run: 2022-11-12T14:06:54.000Z
Previous status: unknown

stable: fail (log)
The tests ran in 0:19:54
Last run: 2023-06-09T08:45:26.000Z
Previous status: unknown

Created: 2022-03-31 Last update: 2025-06-21 09:31

5 security issues in buster high

There are 5 open security issues in buster.

3 important issues:

CVE-2024-0397: A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “cert_store_stats()” and “get_ca_certs()”. The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContext, such as during the TLS handshake with a certificate directory configured. This issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.
CVE-2024-4032: The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.
CVE-2024-5642: CPython 3.9 and earlier doesn't disallow configuring an empty list ("[]") for SSLContext.set_npn_protocols() which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used (see CVE-2024-5535 for OpenSSL). This vulnerability is of low severity due to NPN being not widely used and specifying an empty list likely being uncommon in-practice (typically a protocol name would be configured).

1 issue postponed or untriaged:

CVE-2023-27043: (postponed; to be fixed through a stable update) The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.

1 ignored issue:

CVE-2020-10735: A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

Created: 2024-06-18 Last update: 2024-06-28 11:38

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2015-20107: In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9

Created: 2022-07-04 Last update: 2022-12-08 23:47

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2015-20107: In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack validation of user-provided filenames or arguments). The fix is also back-ported to 3.7, 3.8, 3.9

Created: 2022-07-04 Last update: 2022-11-23 05:34

news

[2024-03-24] Accepted python2.7 2.7.16-2+deb10u4 (source) into oldoldstable (Adrian Bunk)
[2023-09-25] Accepted python2.7 2.7.18-8+deb11u1 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Helmut Grohne)
[2023-09-20] Accepted python2.7 2.7.16-2+deb10u3 (source) into oldoldstable (Helmut Grohne)
[2023-05-24] Accepted python2.7 2.7.16-2+deb10u2 (source) into oldstable (Sylvain Beucler)
[2022-12-27] Removed 2.7.18-13.2 from unstable (Debian FTP Masters)
[2022-12-09] python2.7 REMOVED from testing (Debian testing watch)
[2022-08-03] python2.7 2.7.18-13.2 MIGRATED to testing (Debian testing watch)
[2022-08-01] Accepted python2.7 2.7.18-13.2 (source) into unstable (Unit 193)
[2022-04-03] python2.7 2.7.18-13.1 MIGRATED to testing (Debian testing watch)
[2022-03-31] Accepted python2.7 2.7.18-13.1 (source) into unstable (Anton Gladky)
[2022-03-31] Accepted python2.7 2.7.18-13.1~exp1 (source) into experimental (Anton Gladky)
[2022-02-24] python2.7 2.7.18-13 MIGRATED to testing (Debian testing watch)
[2022-02-22] Accepted python2.7 2.7.18-13 (source) into unstable (Matthias Klose)
[2022-02-12] Accepted python2.7 2.7.13-2+deb9u6 (source) into oldoldstable (Anton Gladky)
[2022-01-29] python2.7 2.7.18-12 MIGRATED to testing (Debian testing watch)
[2022-01-23] Accepted python2.7 2.7.18-12 (source) into unstable (Matthias Klose)
[2022-01-21] Accepted python2.7 2.7.18-11 (source) into unstable (Matthias Klose)
[2022-01-21] Accepted python2.7 2.7.18-10 (source) into unstable (Matthias Klose)
[2021-09-29] python2.7 2.7.18-9 MIGRATED to testing (Debian testing watch)
[2021-09-24] Accepted python2.7 2.7.18-9 (source) into unstable (Matthias Klose)
[2021-07-19] python2.7 2.7.18-8 MIGRATED to testing (Debian testing watch)
[2021-07-14] Accepted python2.7 2.7.18-8 (source) into unstable (Matthias Klose)
[2021-05-06] python2.7 2.7.18-7 MIGRATED to testing (Debian testing watch)
[2021-04-28] Accepted python2.7 2.7.18-7 (source) into unstable (Matthias Klose)
[2021-04-17] Accepted python2.7 2.7.13-2+deb9u5 (source) into oldstable (Anton Gladky)
[2021-03-15] python2.7 2.7.18-6 MIGRATED to testing (Debian testing watch)
[2021-03-09] Accepted python2.7 2.7.18-6 (source) into unstable (Matthias Klose)
[2021-03-09] python2.7 2.7.18-5 MIGRATED to testing (Debian testing watch)
[2021-02-27] Accepted python2.7 2.7.18-5 (source) into unstable (Matthias Klose)
[2021-02-26] Accepted python2.7 2.7.18-4 (source) into unstable (Matthias Klose)

1
2

bugs [bug history graph]

all: 0

links

buildd: logs, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing