Debian LTS: DLA-1924-1 Critical: Python 3.4 Email Parsing Problem
debian lts
September 16, 2019
A vulnerability was discovered in Python, an interactive high-level object-oriented language
Summary
CVE-2019-16056
The email module wrongly parses email addresses that contain
multiple @ characters. An application that uses the email module and
implements some kind of checks on the From/To headers of a message
could be tricked into accepting an email address that should be
denied.
For Debian 8 "Jessie", this problem has been fixed in version
3.4.2-1+deb8u7.
We recommend that you upgrade your python3.4 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
<pre><font face="Courier">Package: python3.4
Version: 3.4.2-1+deb8u7
CVE ID: CVE-2019-16056
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!