UbuntuUpdates.org

Package "libpython3.5-stdlib"

Name: libpython3.5-stdlib

Description:

Interactive high-level object-oriented language (standard library, version 3.5)

Latest version: 3.5.2-2ubuntu0~16.04.13
Release: xenial (16.04)
Level: updates
Repository: main
Head package: python3.5

Links


Download "libpython3.5-stdlib"


Other versions of "libpython3.5-stdlib" in Xenial

Repository Area Version
base main 3.5.1-10
security main 3.5.2-2ubuntu0~16.04.13

Changelog

Version: 3.5.2-2ubuntu0~16.04.8 2019-09-09 19:06:57 UTC
No changelog available yet.
Source diff to previous version

Version: 3.5.2-2ubuntu0~16.04.5 2018-11-13 17:07:25 UTC

  python3.5 (3.5.2-2ubuntu0~16.04.5) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via catastrophic backtracking
    - debian/patches/CVE-2018-106x.patch: fix expressions in
      Lib/difflib.py, Lib/poplib.py. Added tests to
      Lib/test/test_difflib.py, Lib/test/test_poplib.py.
    - CVE-2018-1060
    - CVE-2018-1061
  * SECURITY UPDATE: incorrect Expat hash salt initialization
    - debian/patches/CVE-2018-14647.patch: call SetHashSalt in
      Include/pyexpat.h, Modules/_elementtree.c, Modules/pyexpat.c.
    - CVE-2018-14647

 -- Marc Deslauriers <email address hidden> Mon, 12 Nov 2018 08:43:14 -0500

Source diff to previous version
CVE-2018-1060 python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacke
CVE-2018-1061 python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An
CVE-2018-14647 Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service

Version: 3.5.2-2ubuntu0~16.04.4 2017-11-29 01:06:45 UTC

  python3.5 (3.5.2-2ubuntu0~16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in the PyBytes_DecodeEscape
    function
    - debian/patches/CVE-2017-1000158.patch: fix this integer overflow
      in Objects/bytesobject.c.
    - CVE-2017-1000158

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 23 Nov 2017 13:37:01 -0300

Source diff to previous version

Version: 3.5.2-2ubuntu0~16.04.3 2017-09-28 22:06:33 UTC

  python3.5 (3.5.2-2ubuntu0~16.04.3) xenial; urgency=medium

  * Explicitly use the system python for byte compilation in postinst scripts.
    (LP: #1682934)

 -- Brian Murray <email address hidden> Thu, 14 Sep 2017 15:51:06 -0700

Source diff to previous version
1682934 python3 in /usr/local/bin can cause python3 packages to fail to install

Version: 3.5.2-2ubuntu0~16.04.2 2017-09-18 16:06:19 UTC
No changelog available yet.



About   -   Send Feedback to @ubuntu_updates