Debian Package Tracker
Register | Log in
Subscribe

python-httplib2

comprehensive HTTP client library written for Python3

Choose email to subscribe with

general
  • source: python-httplib2 (main)
  • version: 0.32.0-1
  • maintainer: Debian Python Team (DMD)
  • uploaders: Chris Lamb [DMD] – Andrea Colangelo [DMD]
  • arch: all
  • std-ver: 4.7.4
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 0.18.1-3
  • oldstable: 0.20.4-3
  • stable: 0.22.0-1
  • testing: 0.32.0-1
  • unstable: 0.32.0-1
versioned links
  • 0.18.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.20.4-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.22.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.32.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • python3-httplib2
action needed
1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:
  • CVE-2026-59939: httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small compressed payload that expands to an arbitrarily large size in memory and causes MemoryError or OOM-kill in the client process. This issue is fixed in version 0.32.0.
Created: 2026-07-09 Last update: 2026-07-09 11:00
2 security issues in bullseye high

There are 2 open security issues in bullseye.

1 important issue:
  • CVE-2026-59939: httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small compressed payload that expands to an arbitrarily large size in memory and causes MemoryError or OOM-kill in the client process. This issue is fixed in version 0.32.0.
1 issue postponed or untriaged:
  • CVE-2021-21240: (needs triaging) httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service (CPU burn while parsing header) of the httplib2 client accessing said server. This is fixed in version 0.19.0 which contains a new implementation of auth headers parsing using the pyparsing library.
Created: 2026-07-09 Last update: 2026-07-09 11:00
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2026-59939: httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small compressed payload that expands to an arbitrarily large size in memory and causes MemoryError or OOM-kill in the client process. This issue is fixed in version 0.32.0.
Created: 2026-07-09 Last update: 2026-07-09 11:00
news
[rss feed]
  • [2026-07-03] python-httplib2 0.32.0-1 MIGRATED to testing (Debian testing watch)
  • [2026-07-01] Accepted python-httplib2 0.32.0-1 (source) into unstable (Colin Watson)
  • [2026-04-19] python-httplib2 0.31.2-2 MIGRATED to testing (Debian testing watch)
  • [2026-04-15] Accepted python-httplib2 0.31.2-2 (source) into unstable (Alexandre Detiste)
  • [2026-03-17] python-httplib2 0.31.2-1 MIGRATED to testing (Debian testing watch)
  • [2026-03-12] Accepted python-httplib2 0.31.2-1 (source) into unstable (Harlan Lieberman-Berg)
  • [2024-05-22] python-httplib2 0.22.0-1 MIGRATED to testing (Debian testing watch)
  • [2024-05-19] Accepted python-httplib2 0.22.0-1 (source) into unstable (Colin Watson)
  • [2023-01-07] python-httplib2 0.20.4-3 MIGRATED to testing (Debian testing watch)
  • [2023-01-03] Accepted python-httplib2 0.20.4-3 (source) into unstable (Jochen Sprickerhof)
  • [2022-07-04] python-httplib2 0.20.4-2 MIGRATED to testing (Debian testing watch)
  • [2022-07-02] Accepted python-httplib2 0.20.4-2 (source) into unstable (Sandro Tosi)
  • [2022-06-27] Accepted python-httplib2 0.20.4-1 (source) into unstable (Sandro Tosi)
  • [2022-05-28] python-httplib2 0.20.2-3 MIGRATED to testing (Debian testing watch)
  • [2022-05-25] Accepted python-httplib2 0.20.2-3 (source) into unstable (Debian Janitor) (signed by: Jelmer Vernooij)
  • [2021-11-28] python-httplib2 0.20.2-2 MIGRATED to testing (Debian testing watch)
  • [2021-11-26] Accepted python-httplib2 0.20.2-2 (source) into unstable (Stefano Rivera)
  • [2021-11-26] Accepted python-httplib2 0.20.2-1 (source) into unstable (Stefano Rivera)
  • [2021-02-02] python-httplib2 0.18.1-3 MIGRATED to testing (Debian testing watch)
  • [2021-01-31] Accepted python-httplib2 0.18.1-3 (source) into unstable (Stefano Rivera)
  • [2021-01-31] Accepted python-httplib2 0.18.1-2 (source) into unstable (Stefano Rivera)
  • [2020-06-01] Accepted python-httplib2 0.9+dfsg-2+deb8u1 (source all) into oldoldstable (Abhijith PA)
  • [2020-05-30] python-httplib2 0.18.1-1 MIGRATED to testing (Debian testing watch)
  • [2020-05-27] Accepted python-httplib2 0.18.1-1 (source) into unstable (Dimitri John Ledkov)
  • [2020-05-23] python-httplib2 0.17.4-1 MIGRATED to testing (Debian testing watch)
  • [2020-05-20] Accepted python-httplib2 0.17.4-1 (source) into unstable (Jelmer Vernooij) (signed by: Jelmer Vernooij)
  • [2020-04-16] python-httplib2 0.14.0-3 MIGRATED to testing (Debian testing watch)
  • [2020-04-10] Accepted python-httplib2 0.14.0-3 (source) into unstable (Colin Watson)
  • [2020-04-03] python-httplib2 0.14.0-2 MIGRATED to testing (Debian testing watch)
  • [2020-03-28] Accepted python-httplib2 0.14.0-2 (source) into unstable (Sandro Tosi)
  • 1
  • 2
bugs [bug history graph]
  • all: 0
links
  • homepage
  • lintian
  • buildd: logs, reproducibility
  • popcon
  • browse source code
  • other distros
  • security tracker
  • debian patches
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.31.2-2

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing