USN-4973-1: Python vulnerability

01 June 2021

Python could allow unintended access to network services.

Releases

Packages

  • python3.8 - An interactive high-level object-oriented language

Details

It was discovered that the Python stdlib ipaddress API incorrectly handled
octal strings. A remote attacker could possibly use this issue to perform a
wide variety of attacks, including bypassing certain access restrictions.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.10
Ubuntu 20.04

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-4973-2: libpython3.8-dev, libpython3.8, python3.8-minimal, libpython3.8-testsuite, libpython3.8-minimal, python3.8, python3.8-venv, idle-python3.8, python3.8-doc, python3.8-examples, python3.8-dev, libpython3.8-stdlib, python3.8-full