Ubuntu 5888-1: Python vulnerabilities | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute
==========================================================================
Ubuntu Security Notice USN-5888-1
February 27, 2023

python3.9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Python.

Software Description:
- python3.9: An interactive high-level object-oriented language

Details:

It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to
execute arbitrary code. (CVE-2015-20107)

Hamza Avvan discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2021-28861)

It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-37454, CVE-2022-42919)

It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2022-45061, CVE-2023-24329)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
   python3.9                       3.9.5-3ubuntu0~20.04.1+esm1
   python3.9-minimal               3.9.5-3ubuntu0~20.04.1+esm1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5888-1 

   CVE-2015-20107, CVE-2021-28861, CVE-2022-37454, CVE-2022-42919,
   CVE-2022-45061, CVE-2023-24329

Package Information:
https://launchpad.net/ubuntu/+source/python3.9/3.9.5-3ubuntu0~20.04.1+esm1

Ubuntu 5888-1: Python vulnerabilities

February 28, 2023
Several security issues were fixed in Python.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in Python. Software Description: - python3.9: An interactive high-level object-oriented language Details: It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2015-20107) Hamza Avvan discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2021-28861) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to execute arbitrary code. (CVE-2022-37454, CVE-2022-42919) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2022-45061, CVE-2023-24329)

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS:   python3.9                       3.9.5-3ubuntu0~20.04.1+esm1   python3.9-minimal               3.9.5-3ubuntu0~20.04.1+esm1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5888-1

  CVE-2015-20107, CVE-2021-28861, CVE-2022-37454, CVE-2022-42919,

  CVE-2022-45061, CVE-2023-24329

Severity
Ubuntu Security Notice USN-5888-1

Package Information

https://launchpad.net/ubuntu/+source/python3.9/3.9.5-3ubuntu0~20.04.1+esm1

Related News

Google Discloses CentOS Linux Kernel Vulnerabilities Following Failure to Issue Timely Fixes

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy