
Debian 11: DLA-3980-1 critical: python3.9 multiple flaws addressed

debian lts
December 2, 2024
Multiple vulnerabilities have been fixed in the Python3 interpreter.

Summary

CVE-2015-20107

The mailcap module did not add escape characters into commands
discovered in the system mailcap file

CVE-2020-10735

Prevent DoS with very large int

CVE-2021-3426

Remove the pydoc getfile feature which could be abused to read
arbitrary files on the disk

CVE-2021-3733

Regular Expression Denial of Service in urllib's
AbstractBasicAuthHandler class

CVE-2021-3737

Infinite loop in the HTTP client code

CVE-2021-4189

Make ftplib not trust the PASV response

CVE-2021-28861

Open redirection vulnerability in http.server

CVE-2021-29921

Leading zeros in IPv4 addresses are no longer tolerated

CVE-2022-42919

Don't use Linux abstract sockets for multiprocessing

CVE-2022-45061

Quadratic time in the IDNA decoder

CVE-2023-6597

tempfile.TemporaryDirectory failure to remove dir

CVE-2023-24329

Strip C0 control and space chars in urlsplit

CVE-2023-27043

Reject malformed addresses in email.parseaddr()

CVE-2023-40217



Severity: critical

Package: python3.9
Version: 3.9.2-1+deb11u2
CVE ID: CVE-2015-20107 CVE-2020-10735 CVE-2021-3426 CVE-2021-3733
Debian Bug: 989195 1070135 1059298 1070133
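
A behavioural check for three of the fixes listed above (CVE-2021-29921, CVE-2023-24329, CVE-2020-10735), to be run with the interpreter you want to verify. This is an added example, not part of the Debian advisory; the function names and test inputs are constructed, and the large-int probe assumes the upstream default digit limit has not been raised or disabled.

```python
#!/usr/bin/env python3
"""Probe the running interpreter for three fixes named in DLA-3980-1."""
import ipaddress
from urllib.parse import urlsplit


def rejects_leading_zero_ipv4():
    # CVE-2021-29921: "010.8.8.8" must be refused, not read as 10.8.8.8.
    try:
        ipaddress.ip_address("010.8.8.8")  # constructed input
    except ValueError:
        return True
    return False


def urlsplit_strips_leading_space():
    # CVE-2023-24329: a leading space or C0 control character must not
    # hide the scheme and host from code that filters on them.
    parts = urlsplit(" https://blocked.example/path")  # constructed input
    return parts.scheme == "https" and parts.netloc == "blocked.example"


def limits_huge_int_strings():
    # CVE-2020-10735: converting a very long decimal string must raise
    # instead of spending CPU time on the conversion.
    # Assumption: the digit limit is at its default, below 10000 digits.
    try:
        int("9" * 10000)
    except ValueError:
        return True
    return False


def probe():
    """Return {CVE id: True if the fixed behaviour is observed}."""
    return {
        "CVE-2021-29921": rejects_leading_zero_ipv4(),
        "CVE-2023-24329": urlsplit_strips_leading_space(),
        "CVE-2020-10735": limits_huge_int_strings(),
    }


if __name__ == "__main__":
    results = probe()
    for cve, fixed in sorted(results.items()):
        print(f"{cve}: {'fixed behaviour' if fixed else 'OLD behaviour'}")
    raise SystemExit(0 if all(results.values()) else 1)
```

The script exits non-zero if any probe still shows the old behaviour, so it can be dropped into a post-upgrade check; it says nothing about the other CVEs in the list.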
