Ubuntu 24.10: USN-7488-1 critical alert for Python SSRF and DoS issues
ubuntu
May 6, 2025
Several security issues were fixed in Python.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Python. Software Description: - python3.13: An interactive high-level object-oriented language - python2.7: An interactive high-level object-oriented language - python3.11: An interactive high-level object-oriented language - python3.9: An interactive high-level object-oriented language - python3.6: An interactive high-level object-oriented language - python3.7: An interactive high-level object-oriented language - python3.8: An interactive high-level object-oriented language - python3.4: An interactive high-level object-oriented language Details: It was discovered that Python incorrectly handled parsing bracketed hosts. A remote attacker could possibly use this issue to perform a Server-Side Request Forgery (SSRF) attack. Th...
Read the Full Advisory
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 python3.13 3.13.0-1ubuntu0.1 python3.13-minimal 3.13.0-1ubuntu0.1 python3.13-venv 3.13.0-1ubuntu0.1 Ubuntu 22.04 LTS python2.7 2.7.18-13ubuntu1.5+esm5 Available with Ubuntu Pro python2.7-minimal 2.7.18-13ubuntu1.5+esm5 Available with Ubuntu Pro python3.11 3.11.0~rc1-1~22.04.1~esm2 Available with Ubuntu Pro python3.11-minimal 3.11.0~rc1-1~22.04.1~esm2 Available with Ubuntu Pro python3.11-venv 3.11.0~rc1-1~22.04.1~esm2 Available with Ubuntu Pro Ubuntu 20.04 LTS python2.7 2.7.18-1~20.04.7+esm6 Available with Ubuntu Pro python2.7-minimal 2.7.18-1~20.04.7+esm6 Available with Ubuntu Pro python3.9 3.9.5-3ubuntu0~20.04.1+esm3 Available with Ubuntu Pro python3.9-minimal 3.9.5-3ubuntu0~20.04.1+esm3 Available with Ubuntu Pro python3.9-venv 3.9.5-3ubuntu0~20.04.1+esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS python2.7 2.7.17-1~18.04ubuntu1.13+esm10 Available with Ubuntu Pro python2.7-minimal 2.7.17-1~18.04ubuntu1.13+esm10 Available with Ubuntu Pro python3.6 3.6.9-1~18.04ubuntu1.13+esm3 Available with Ubuntu Pro python3.6-minimal 3.6.9-1~18.04ubuntu1.13+esm3 Available with Ubuntu Pro python3.6-venv 3.6.9-1~18.04ubuntu1.13+esm3 Available with Ubuntu Pro python3.7 3.7.5-2ubuntu1~18.04.2+esm4 Available with Ubuntu Pro python3.7-minimal 3.7.5-2ubuntu1~18.04.2+esm4 Available with Ubuntu Pro python3.7-venv 3.7.5-2ubuntu1~18.04.2+esm4 Available with Ubuntu Pro python3.8 3.8.0-3ubuntu1~18.04.2+esm3 Available with Ubuntu Pro python3.8-minimal 3.8.0-3ubuntu1~18.04.2+esm3 Available with Ubuntu Pro python3.8-venv 3.8.0-3ubuntu1~18.04.2+esm3 Available with Ubuntu Pro Ubuntu 16.04 LTS python2.7 2.7.12-1ubuntu0~16.04.18+esm15 Available with Ubuntu Pro python2.7-minimal 2.7.12-1ubuntu0~16.04.18+esm15 Available with Ubuntu Pro Ubuntu 14.04 LTS python2.7 2.7.6-8ubuntu0.6+esm24 Available with Ubuntu Pro python2.7-minimal 2.7.6-8ubuntu0.6+esm24 Available with Ubuntu Pro python3.4 3.4.3-1ubuntu1~14.04.7+esm14 Available with Ubuntu Pro python3.4-minimal 3.4.3-1ubuntu1~14.04.7+esm14 Available with Ubuntu Pro python3.4-venv 3.4.3-1ubuntu1~14.04.7+esm14 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7488-1
CVE-2024-11168, CVE-2024-6232, CVE-2024-9287
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7488-1
Topics Covered
Package Information
https://launchpad.net/ubuntu/+source/python3.13/3.13.0-1ubuntu0.1
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!