| Package | python2.7 |
|---|---|
| Version | 2.7.13-2+deb9u11 (stretch) |
The fix for CVE-2023-27043 made the email.utils.getaddresses function return results with an additional conversion from Python string object (str) to Unicode object (unicode). This can lead to a change in corner-case situations, as spotted in the Mercurial test suite. The fix was adapted to restore the previous behavior.
For Debian 9 stretch, these problems have been fixed in version 2.7.13-2+deb9u11.
We recommend that you upgrade your python2.7 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.