Your submission was sent successfully! Close

USN-4754-1: Python vulnerabilities

25 February 2021

Python could be made to execute arbitrary code or denial of service if it received a specially crafted input.

Releases

Packages

  • python2.7 - An interactive high-level object-oriented language
  • python3.4 - An interactive high-level object-oriented language
  • python3.5 - An interactive high-level object-oriented language
  • python3.6 - An interactive high-level object-oriented language
  • python3.8 - Interactive high-level object-oriented language (version 3.8)

Details

It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code
or cause a denial of service. (CVE-2020-27619, CVE-2021-3177)

Related notices

  • USN-4754-4: python2.7-dev, libpython2.7-dev, libpython2.7-testsuite, idle-python2.7, python2.7-doc, python2.7, libpython2.7, libpython2.7-stdlib, libpython2.7-minimal, python2.7-examples, python2.7-minimal
  • USN-4754-3: libpython3.8-stdlib, python3.8-venv, python3.7-dev, python3.8-dev, idle-python2.7, python3.7-examples, libpython3.7-testsuite, libpython2.7-stdlib, libpython2.7-minimal, libpython3.7-dev, libpython3.7-stdlib, python2.7-examples, idle-python3.8, libpython3.7, python3.8, libpython3.8-dev, libpython3.8-testsuite, idle-python3.7, python2.7-minimal, python2.7-dev, libpython2.7-dev, python3.7-venv, libpython2.7-testsuite, libpython3.8-minimal, python3.8-examples, python2.7-doc, python2.7, python3.7, libpython3.7-minimal, libpython3.8, python3.7-minimal, libpython2.7, python3.7-doc, python3.8-minimal