Several security issues were fixed in Python.
Software Description:
- python3.14: An interactive high-level object-oriented language
- python3.12: An interactive high-level object-oriented language
- python3.10: An interactive high-level object-oriented language
Details:
It was discovered that Python incorrectly normalized paths in the tarfile
module. An attacker could possibly use this issue to bypass path
restrictions. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04
LTS. (CVE-2025-13462)
It was discovered that Python's HTMLParser incorrectly handled certain
malformed HTML input. An attacker could possibly use this issue to cause
Python to crash, resulting in a denial of service. This issue only affected
Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2025-69534)
It was discovered that Python's email module incorrectly quoted newlines
in headers. An attacker could possibly use this issue to inject arbitrary
email headers. This issue only affected Ubuntu 22.04 LTS and U...
The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libpython3.14 3.14.4-1ubuntu0.1 python3.14 3.14.4-1ubuntu0.1 Ubuntu 24.04 LTS libpython3.12t64 3.12.3-1ubuntu0.15 python3.12 3.12.3-1ubuntu0.15 Ubuntu 22.04 LTS libpython3.10 3.10.12-1~22.04.16 python3.10 3.10.12-1~22.04.16 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-8509-1
CVE-2021-4189, CVE-2025-13462, CVE-2025-69534, CVE-2026-0672,
CVE-2026-1299, CVE-2026-1502, CVE-2026-2297, CVE-2026-3276,
CVE-2026-3644, CVE-2026-4224, CVE-2026-4519, CVE-2026-4786,
CVE-2026-5713, CVE-2026-6019, CVE-2026-6100, CVE-2026-7774,
CVE-2026-8328, CVE-2026-9669
Get the latest Linux and open source security news straight to your inbox.