Multiple security issues were discovered in Python: CVE-2013-4238 Ryan Sleevi discovered that NULL characters in the subject alternate names of SSL cerficates were parsed incorrectly. CVE-2014-1912 Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into() function.

For the stable distribution (wheezy), these problems have been fixed in version 2.7.3-6+deb7u2. For the unstable distribution (sid), these problems have been fixed in version 2.7.6-7. We recommend that you upgrade your python2.7 packages.

Version 2.7 of the high-level, interactive object oriented language, includes an extensive class library with lots of goodies for network programming, system administration, sounds and graphics.

python2.7 on Debian Linux

This check tests the installed software version using the apt package manager.

• http://www.debian.org/security/2014/dsa-2880.html

---

Updated on 2015-03-25