UbuntuUpdates.org

Package "python3.12"

Name: python3.12

Description:

Interactive high-level object-oriented language (version 3.12)
Latest version: 3.12.7-1ubuntu1.1
Release: oracular (24.10)
Level: security
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "python3.12"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "python3.12" in Oracular

Repository Area Version
base universe 3.12.7-1
base main 3.12.7-1
security universe 3.12.7-1ubuntu1.1
updates main 3.12.7-1ubuntu1.1
updates universe 3.12.7-1ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.12.7-1ubuntu1.1 2025-01-20 19:07:08 UTC

  python3.12 (3.12.7-1ubuntu1.1) oracular-security; urgency=medium

  * SECURITY UPDATE: memory exhaustion issue in asyncio
    - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if
      needed in Lib/asyncio/selector_events.py,
      Lib/test/test_asyncio/test_selector_events.py.
    - CVE-2024-12254

 -- Marc Deslauriers <email address hidden> Fri, 17 Jan 2025 11:55:27 -0500
Source diff to previous version
CVE-2024-12254 Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain t

Version: 3.12.7-1ubuntu1 2024-11-19 15:07:23 UTC

  python3.12 (3.12.7-1ubuntu1) oracular-security; urgency=medium

  * SECURITY UPDATE: incorrect quoting in venv module
    - debian/patches/CVE-2024-9287.patch: quote template strings in venv
      activation scripts in Lib/test/test_venv.py, Lib/venv/__init__.py,
      Lib/venv/scripts/common/activate, Lib/venv/scripts/nt/activate.bat,
      Lib/venv/scripts/posix/activate.csh,
      Lib/venv/scripts/posix/activate.fish.
    - CVE-2024-9287

 -- Marc Deslauriers <email address hidden> Wed, 06 Nov 2024 13:29:01 -0500
CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted pro


About   -   Send Feedback to @ubuntu_updates