"Python 2.6 is now in security-fix-only mode; no new features are being
added, and no new bug fix releases are planned. We intend to provide
source-only security fixes for the Python 2.6 series until October 2013
(five years after the 2.6 final release). For ongoing maintenance
releases, please see the Python 2.7 series."
This version fixes the following security issues.
"Issue #9129: smtpd.py is vulnerable to DoS attacks deriving from missing
error handling when accepting a new connection."
"Issue #11442: Add a charset parameter to the Content-type in
SimpleHTTPServer to avoid XSS attacks."
"Issue #11662: Make urllib and urllib2 ignore redirections if the
scheme is not HTTP, HTTPS or FTP (CVE-2011-1521)."
It is recommended for Python 2.6.x users to investigate upgrading to
2.7. If that is not possible, update to 2.6.7 and start planning an
exit strategy from 2.6.x when it becomes no longer supported in October