Publishing details
Changelog
python3.8 (3.8.0-3ubuntu1~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Regular Expression Denial of Service
- debian/patches/CVE-2020-8492.patch: updates a regular expression in the
urllib.request.AbsatrctBasicAuthHandler class which allows for
catastrophic backtracking and could result in a Denial of Service
condition.
- CVE-2020-8492
* SECURITY UPDATE: Regular Expression Denial of Service
- debian/patches/CVE-2021-3733.patch: updates a regular expression in the
urllib.request.AbstractBasicAuthHandler class which has a quadratic
worst-case time complexity and could be abused by a malicious HTTP
server to cause a Denial of Service condition for a client.
- CVE-2021-3733
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2021-3737.patch: addresses the potential for the
urllib http client to enter into an infinite loop and hang on a 100
Continue response from a malicious server.
- debian/patches/CVE-2021-3737_test-fix.patch: improves the regression
test in Lib/test/test_httplib.py
- CVE-2021-3737
-- Ian Constantin <email address hidden> Thu, 09 Dec 2021 12:53:27 -0500
Builds
Built packages
-
idle-python3.8
IDE for Python (v3.8) using Tkinter
-
libpython3.8
Shared Python runtime library (version 3.8)
-
libpython3.8-dbg
Debug Build of the Python Interpreter (version 3.8)
-
libpython3.8-dev
Header files and a static library for Python (v3.8)
-
libpython3.8-minimal
Minimal subset of the Python language (version 3.8)
-
libpython3.8-stdlib
Interactive high-level object-oriented language (standard library, version 3.8)
-
libpython3.8-testsuite
Testsuite for the Python standard library (v3.8)
-
python3.8
Interactive high-level object-oriented language (version 3.8)
-
python3.8-dbg
Debug Build of the Python Interpreter (version 3.8)
-
python3.8-dev
Header files and a static library for Python (v3.8)
-
python3.8-examples
Examples for the Python language (v3.8)
-
python3.8-minimal
Minimal subset of the Python language (version 3.8)
-
python3.8-venv
Interactive high-level object-oriented language (pyvenv binary, version 3.8)
Package files