Secure testing team - Oct 2010 - Bug#599739: CVE-2010-1634 and CVE-2010-2089

Package: python2.5
Severity: grave
Tags: security

CVE-2010-1634 and CVE-2010-2089 are fixed in the other Python packages
in Squeeze, but still unfixed for python2.5.

Patch attached.

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, ''unstable'')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages python2.5 depends on:
ii  libbz2-1.0                1.0.5-4        high-quality block-sorting file co
ii  libc6                     2.11.2-2       Embedded GNU C Library: Shared lib
pn  libdb4.5                  <none>         (no description available)
ii  libncursesw5              5.7+20100313-2 shared libraries for terminal hand
ii  libreadline6              6.1-3          GNU readline and history libraries
ii  libsqlite3-0              3.7.0.1-1      SQLite 3 shared library
ii  libssl0.9.8               0.9.8o-1       SSL shared libraries
ii  mime-support              3.48-1         MIME files
''mime.types'' & ''mailcap
pn  python2.5-minimal         <none>         (no description available)

python2.5 recommends no packages.

Versions of packages python2.5 suggests:
pn  python-profiler               <none>     (no description available)
pn  python2.5-doc                 <none>     (no description available)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: py25-CVE-2010-1634_2089.patch
Type: text/x-c
Size: 18882 bytes
Desc: not available
URL:
<http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20101010/4e1bf038/attachment.bin>