7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
A regression has been identified in the python2.6 update of DLA-25-1,
which may cause python applications to abort if they were running during
the upgrade but they had not already imported the ‘os’ module, and do so
after the upgrade. This update fixes this upgrade scenario.
For reference, the original advisory text follows.
Multiple vulnerabilities were discovered in python2.6. The more
relevant are:
For Debian 6 Squeeze, these issues have been fixed in python2.6 version 2.6.6-8+deb6u2