Package "python3.6"

Name: python3.6


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • IDE for Python (v3.6) using Tkinter
  • Interactive high-level object-oriented language (pyvenv binary, version 3.6)

Latest version: 3.6.9-1~18.04ubuntu1
Release: bionic (18.04)
Level: security
Repository: universe


Other versions of "python3.6" in Bionic

Repository Area Version
base main 3.6.5-3
base universe 3.6.5-3
security main 3.6.9-1~18.04ubuntu1
updates main 3.6.9-1~18.04ubuntu1
updates universe 3.6.9-1~18.04ubuntu1

Packages in group

Deleted packages are displayed in grey.


Version: 3.6.9-1~18.04ubuntu1 2020-04-21 14:06:24 UTC

  python3.6 (3.6.9-1~18.04ubuntu1) bionic-security; urgency=medium

    - debian/patches/CVE-2019-18348.patch: disallow control characters
      in hostnames in http.client in Lib/http/client.py, Lib/test/test_urllib.py.
    - CVE-2019-18348
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2020-8492.patch: fix the regex to prevent
      the regex denial of service in Lib/urllib/request.py,
    - CVE-2020-8492

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 17 Apr 2020 22:56:04 -0300

Source diff to previous version
CVE-2019-18348 An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker co
CVE-2020-8492 Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular E

Version: 3.6.8-1~18.04.3 2019-10-09 14:08:24 UTC

  python3.6 (3.6.8-1~18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: incorrect email address parsing
    - debian/patches/CVE-2019-16056.patch: don't parse domains containing @
      in Lib/email/_header_value_parser.py, Lib/email/_parseaddr.py,
    - CVE-2019-16056
  * SECURITY UPDATE: XSS in documentation XML-RPC server
    - debian/patches/CVE-2019-16935.patch: escape the server_title in
      Lib/xmlrpc/server.py, Lib/test/test_docxmlrpc.py.
    - CVE-2019-16935

 -- Marc Deslauriers <email address hidden> Mon, 07 Oct 2019 08:59:55 -0400

Source diff to previous version
CVE-2019-16056 An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses em
CVE-2019-16935 The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs

Version: 3.6.8-1~18.04.2 2019-09-09 19:07:03 UTC
No changelog available yet.
Source diff to previous version

Version: 3.6.8-1~18.04.1 2019-08-20 13:07:11 UTC

  python3.6 (3.6.8-1~18.04.1) bionic; urgency=medium

  * Rebuild with OpenSSL 1.1.1. LP: #1797386

About   -   Send Feedback to @ubuntu_updates