python3.7 3.7.5-2ubuntu1~18.04.2 source package in Ubuntu
Changelog
python3.7 (3.7.5-2ubuntu1~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Regular Expression Denial of Service
- debian/patches/CVE-2020-8492.patch: updates a regular expression in the
urllib.request.AbsatrctBasicAuthHandler class which allows for
catastrophic backtracking and could result in a Denial of Service
condition.
- CVE-2020-8492
* SECURITY UPDATE: Regular Expression Denial of Service
- debian/patches/CVE-2021-3733.patch: updates a regular expression in the
urllib.request.AbstractBasicAuthHandler class which has a quadratic
worst-case time complexity and could be abused by a malicious HTTP
server to cause a Denial of Service condition for a client.
- CVE-2021-3733
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2021-3737.patch: addresses the potential for the
urllib http client to enter into an infinite loop and hang on a 100
Continue response from a malicious server.
- debian/patches/CVE-2021-3737_test-fix.patch: improves the regression
test in Lib/test/test_httplib.py
- CVE-2021-3737
-- Ian Constantin <email address hidden> Thu, 09 Dec 2021 12:04:37 -0500
Upload details
- Uploaded by:
- Ian Constantin
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | universe | misc | |
| Bionic | security | universe | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python3.7_3.7.5.orig.tar.xz | 16.4 MiB | e85a76ea9f3d6c485ec1780fca4e500725a4a7bbc63c78ebc44170de9b619d94 |
| python3.7_3.7.5-2ubuntu1~18.04.2.debian.tar.xz | 211.1 KiB | d7637c5da7c0e8d5aea3a5cb36051cfd372a5149082153dcc0398da21d5263c7 |
| python3.7_3.7.5-2ubuntu1~18.04.2.dsc | 3.3 KiB | dbc0b3215b414936014c7df5ba1399d72cdf6ae62c289508afae1215e6efbaa0 |
Available diffs
Binary packages built by this source
- idle-python3.7: IDE for Python (v3.7) using Tkinter
IDLE is an Integrated Development Environment for Python (v3.7).
IDLE is written using Tkinter and therefore quite platform-independent.
- libpython3.7: Shared Python runtime library (version 3.7)
Python is a high-level, interactive, object-oriented language. Its 3.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains the shared runtime library, normally not needed
for programs using the statically linked interpreter.
- libpython3.7-dbg: Debug Build of the Python Interpreter (version 3.7)
The package holds two things:
.
- Extensions for a Python interpreter configured with --pydebug.
- Debug information for standard python extensions.
.
See the README.debug for more information.
- libpython3.7-dev: Header files and a static library for Python (v3.7)
Header files, a static library and development tools for building
Python (v3.7) modules, extending the Python interpreter or embedding
Python (v3.7) in applications.
.
Maintainers of Python packages should read README.maintainers.
.
This package contains development files. It is normally not
used on it's own, but as a dependency of python3.7-dev.
- libpython3.7-minimal: Minimal subset of the Python language (version 3.7)
This package contains some essential modules. It is normally not
used on it's own, but as a dependency of python3.7-minimal.
- libpython3.7-stdlib: Interactive high-level object-oriented language (standard library, version 3.7)
Python is a high-level, interactive, object-oriented language. Its 3.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains Python 3.7's standard library. It is normally not
used on its own, but as a dependency of python3.7.
- libpython3.7-testsuite: Testsuite for the Python standard library (v3.7)
The complete testsuite for the Python standard library. Note that
a subset is found in the libpython3.7-stdlib package, which should
be enough for other packages to use (please do not build-depend
on this package, but file a bug report to include additional
testsuite files in the libpython3.7-stdlib package).
- python3.7: Interactive high-level object-oriented language (version 3.7)
Python is a high-level, interactive, object-oriented language. Its 3.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
- python3.7-dbg: Debug Build of the Python Interpreter (version 3.7)
The package holds two things:
.
- A Python interpreter configured with --pydebug. Dynamically loaded modules
are searched as <foo>_d.so first. Third party extensions need a separate
build to be used by this interpreter.
- Debug information for standard python interpreter and extensions.
.
See the README.debug for more information.
- python3.7-dev: Header files and a static library for Python (v3.7)
Header files, a static library and development tools for building
Python (v3.7) modules, extending the Python interpreter or embedding
Python (v3.7) in applications.
.
Maintainers of Python packages should read README.maintainers.
- python3.7-doc: Documentation for the high-level object-oriented language Python (v3.7)
These is the official set of documentation for the interactive high-level
object-oriented language Python (v3.7). All documents are provided
in HTML format. The package consists of ten documents:
.
* What's New in Python3.7
* Tutorial
* Python Library Reference
* Macintosh Module Reference
* Python Language Reference
* Extending and Embedding Python
* Python/C API Reference
* Installing Python Modules
* Documenting Python
* Distributing Python Modules
- python3.7-examples: Examples for the Python language (v3.7)
Examples, Demos and Tools for Python (v3.7). These are files included in
the upstream Python distribution (v3.7).
- python3.7-minimal: Minimal subset of the Python language (version 3.7)
This package contains the interpreter and some essential modules. It can
be used in the boot process for some basic tasks.
See /usr/share/doc/python3. 7-minimal/ README. Debian for a list of the modules
contained in this package.
- python3.7-venv: Interactive high-level object-oriented language (pyvenv binary, version 3.7)
Python is a high-level, interactive, object-oriented language. Its 3.7 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains the pyvenv-3.7 binary.
