Wonderful, thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1401322
Title:
Upgrade to Python 2.7.9
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python
https://bugs.launchpad.net/ubuntu/+source/python-defaults/2.7.15-3
** Changed in: python-defaults (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/140132
@tyhicks Sadly we depend on some libraries that aren't python3-safe. The
backport combined with suggested /etc/python/cert-verification.cfg would
be an excellent solution
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.lau
@kwoot - please see comment #10 for python2.7 options that may be
available in 12.04 and 14.04 in the future. I wanted to point out to you
that python3.4 in 14.04 already has the ability to enable full
certification verification through the /etc/python3.4/cert-
verification.conf configuration file.
Marking confirmed while the investigation is ongoing. Please mark as
triaged if we will employ one of the strategies.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1401322
Title:
Upgrade to Python 2
** Changed in: python-defaults (Ubuntu)
Status: Fix Released => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1401322
Title:
Upgrade to Python 2.7.9
To manage notifications about t
Hi Cory and Kevin! The Ubuntu Security team (most of the work was done
by Marc Deslauriers) has actively fixed individual Python packages in
Ubuntu's main archive pocket that are vulnerable to certificate
verification flaws prior to the Python 2.7.9 change. While many packages
were already doing pr
For the people annoyed at the idea to move to 16.04:
There are some alternative ways to get an updated Python version,
without relying on the one shipped by default in Ubuntu:
Pythonz: https://github.com/saghul/pythonz (disclaimer: I submitted some
patches and integrated pythonz into my own proj
I have to agree with the sentiment that this should be backported on the
grounds Ubuntu LTS releases are popular server operating systems which
many folks rely on for day to day operations. As an LTS release its
expected security issues will be taken care of as long as the release is
supported. The
So none of the currently supported LTS versions will actually have a backport.
I'd rather not have to upgrade to 16.04 LTS (Xenial Xerus) in order to get rid
of urllib2 quircks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://b
Tyler,
Sorry if I don't fully understand, but your claim is that this is a non-
issue because "you" (presumably referring to the Ubuntu Security team in
general) will fix individual applications that are vulnerable to
CVE-2014-9365. Before closing this issue, I'd like to know how you plan
to do th
The Ubuntu Security team has made the decision to not backport the fix
for CVE-2014-9365 to stable Ubuntu releases. The rationale can be found
in the Notes section of the corresponding Ubuntu CVE tracker entry:
http://people.canonical.com/~ubuntu-
security/cve/2014/CVE-2014-9365.html
I think th
Python 2.7.9 is now in the Proposed for Ubuntu Vivid. My guess is that
they are rebuilding/checking libraries and applications to verify they
are still working as expected with the newer version, before pushing it
to the main archives.
As for backporting to older releases I don't know, but it shou
CVE-2014-9365 has been assigned to TLS certificate validation issue in
Python 2.7.8 and earlier; this issue is fixed in 2.7.9
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9365
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscri
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: python-defaults (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1401322
Tit
15 matches
Mail list logo
