Python security issue #16039, #16041 and #16042 looks not be fixed on Python 2.7.6 (smtplib/imaplib/poplib of python has a vulnerability due to unlimited readline() from connection)
Bug #1351180 reported by
Takenori MATSUMOTO
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| python2.7 (Ubuntu) |
Fix Released
|
Low
|
Unassigned | ||
| Trusty |
Triaged
|
Low
|
Unassigned | ||
Bug Description
I found that below Python security issues may not be yet fixed on Python 2.7.6 bundled with 14.04LTS. It looks those patches are already applied to Python 3.4 on 14.04LTS. It looks those patches are not included in upstream souce codes on both 2.7.6 and latest 2.7 version (2.7.8).
http://
http://
http://
CVE References
| information type: | Private Security → Public Security |
Revision history for this message
| Jamie Strandboge (jdstrand) wrote | #1 |
| Changed in python2.7 (Ubuntu): | |
| status: | New → Triaged |
| importance: | Undecided → Low |
Revision history for this message
| Matthias Klose (doko) wrote | #2 |
| Changed in python2.7 (Ubuntu): | |
| status: | Triaged → Fix Released |
| Changed in python2.7 (Ubuntu Trusty): | |
| importance: | Undecided → Low |
| status: | New → Triaged |
To post a comment you must log in.
This is CVE-2013-1752 which is rated as having a 'Low' priority. It should be fixed in a future python update.