ELA-265-1 python2.7 security update
Package python2.7
ELA-265-1 python2.7 security update
Version 2.7.9-2-ds1+deb8u6
Related CVEs CVE-2019-20907
An issue has been found in python2.7, an interactive high-level object-oriented language.
Opening a crafted tar file could result in an infinite loop due to missing header validation.
For Debian 8 jessie, these problems have been fixed in version 2.7.9-2-ds1+deb8u6.
We recommend that you upgrade your python2.7 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
A python2.7 security update has been released for Debian GNU/Linux 8 Extended LTS to address an issue where a crafted tar file could result in an infinite loop due to missing header validation.