Explore top 10 tips to secure your open-source projects now. Read More
×
Python could be made to crash if it received specially crafted
input.
Software Description:
- python2.7: An interactive high-level object-oriented language
- python3.5: An interactive high-level object-oriented language
Details:
It was discovered that Python did not use sufficient entropy for Expat
hash-flooding protection in the xml.parsers.expat and xml.etree.ElementTree
modules. An attacker could use this to cause a denial of service via a
crafted XML document.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
idle-python2.7 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
idle-python3.5 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
libpython2.7 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
libpython2.7-dev 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
libpython2.7-minimal 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
libpython2.7-stdlib 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
libpython2.7-testsuite 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
libpython3.5 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
libpython3.5-dev 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
libpython3.5-minimal 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
libpython3.5-stdlib 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
libpython3.5-testsuite 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
python2.7 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
python2.7-dev 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
python2.7-doc 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
python2.7-examples 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
python2.7-minimal 2.7.12-1ubuntu0~16.04.18+esm20
Available with Ubuntu Pro
python3.5 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
python3.5-dev 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
python3.5-doc 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
python3.5-examples 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
python3.5-minimal 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
python3.5-venv 3.5.2-2ubuntu0~16.04.13+esm23
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-8524-1
CVE-2026-7210
Get the latest Linux and open source security news straight to your inbox.