Opened 5 years ago

Closed 5 years ago

#8013 closed enhancement (fixed)

python2-2.7.12

Reported by: bdubbs@… Owned by: Pierre Labastie
Priority: high Milestone: 7.10
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description (last modified by Douglas R. Reno)

New point version

- Issue #26556: Update expat to 2.1.1, fixes CVE-2015-1283.

- Fix TLS stripping vulnerability in smptlib, CVE-2016-0772.  Reported by Team
  Oststrom

- Issue #26171: Fix possible integer overflow and heap corruption in
  zipimporter.get_data().

CVE-2016-0772 CVE-2015-1283 Note: 3rd item above was never assigned a CVE, but one was requested several times and never acted upon.

Change History (3)

comment:1 by Douglas R. Reno, 5 years ago

Description: modified (diff)
Priority: normalhigh

Not accepting, as I have too many other tickets. But I have updated the description.

comment:2 by Pierre Labastie, 5 years ago

Owner: changed from blfs-book@… to Pierre Labastie
Status: newassigned

comment:3 by Pierre Labastie, 5 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r17541

Note: See TracTickets for help on using tickets.