In association with heise online

« previous | next »
31 May 2011, 10:52

Python 2.5.6 fixes medium severity issues

Python icon For those still running Python 2.5.x, the release of Python 2.5.6 is likely to be the last release of Python 2.5; after October 2011 there will be no more security issues fixed in Python 2.5 and it is recommended that users update to Python 2.7.1, which is the latest version of the current Python 2.x series.

The Python 2.5.6 update fixes a number of medium severity issues. These are a vulnerability to XSS attacks in SimpleHTTPServer, a failure to follow redirections with file: schemes in urllib and urllib2 (CVE-2011-1521), incorrect integer overflow checks (CVE-2010-1634) and a denial of service vulnerability in audioop (CVE-2010-2089).

The issues fixed in 2.5.6 are also due to be fixed in upcoming releases of Python 2.6.7 on 3 June, Python 3.2.1 on June 5 and Python 2.7.2 and 3.1.4 on June 11. Python 2.6.7's release will be security fixes only, while 2.7.2 and 3.1.4 will be more general maintenance releases and 3.2.1 will be the latest in the ongoing development of Python.

Python 2.5.6 is only available to download as source from the announcement page and is licensed under the Python Software Foundation Licence.

(djwm)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-1252703

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Gigabyte GeForce GTX 670 OC
  8. Palit GeForce GTX 670
  9. Diablo 3 (deutsch)
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit