Several security issues were fixed in Python.
Software Description:
- python3.13: An interactive high-level object-oriented language
Details:
USN-7886-1 fixed vulnerabilities in Python. This update provides the
corresponding updates for python3.13 in Ubuntu 25.04 and Ubuntu 25.10.
Original advisory details:
It was discovered that Python inefficiently handled expanding system
environment variables. An attacker could possibly use this issue to cause
Python to consume excessive resources, leading to a denial of service.
(CVE-2025-6075)
Caleb Brown discovered that Python incorrectly handled the ZIP64 End of
Central Directory (EOCD) Locator record offset value. An attacker could
possibly use this issue to obfuscate malicious content. (CVE-2025-8291)
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 libpython3.13 3.13.7-1ubuntu0.1 python3.13 3.13.7-1ubuntu0.1 Ubuntu 25.04 libpython3.13 3.13.3-1ubuntu0.4 python3.13 3.13.3-1ubuntu0.4 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7886-2
https://ubuntu.com/security/notices/USN-7886-1
CVE-2025-6075, CVE-2025-8291
Get the latest Linux and open source security news straight to your inbox.