** Summary changed: - Fixes for CVE-2023-27043 and CVE-2025-0938 not applied on bionic, xenial, and trusty + Fixes for CVE-2023-27043, CVE-2025-0938, CVE-2024-11168 not applied on bionic, xenial, and trusty
** Description changed: On esm-infra/bionic and esm-infra/xenial, the patch that fixes CVE-2023-27043 for python2.7 was not added to the debian/patches/series.in file, so the fix is not applied. - On esm-infra-legacy/trusty, the patch that fixes CVE-2025-0938 for - python2.7 was not added to the debian/patches/series.in file, so the fix - is not applied. The patch is also incomplete. + On esm-infra-legacy/trusty, the patches that fix CVE-2024-11168 and + CVE-2025-0938 for python2.7 were not added to the + debian/patches/series.in file, so the fix is not applied. The + CVE-2024-11168 patch is also missing from the debian/patches directory. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2125702 Title: Fixes for CVE-2023-27043, CVE-2025-0938, CVE-2024-11168 not applied on bionic, xenial, and trusty To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/2125702/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
