ELA-158-1 python2.7 security update

bad cookie handling

2019-08-31
Packagepython2.7
Version2.7.3-6+deb7u7
Related CVE CVE-2018-20852

A vulnerability has been discovered in Python, that is relevant for cookie handling. By using a malicious server an attacker might steal cookies that are meant for other domains

For Debian 7 Wheezy, these problems have been fixed in version 2.7.3-6+deb7u7.

We recommend that you upgrade your python2.7 packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/