USN-4151-1 fixed several vulnerabilities in Python. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
Original advisory details:
It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. (CVE-2019-16056)
It was discovered that the Python documentation XML-RPC server incorrectly handled certain fields. A remote attacker could use this issue to execute a cross-site scripting (XSS) attack. (CVE-2019-16935)
{ "binaries": [ { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "idle-python2.7" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "libpython2.7" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "libpython2.7-dev" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "libpython2.7-minimal" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "libpython2.7-stdlib" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "libpython2.7-testsuite" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "python2.7" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "python2.7-dev" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "python2.7-examples" }, { "binary_version": "2.7.6-8ubuntu0.6+esm3", "binary_name": "python2.7-minimal" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "ecosystem": "Ubuntu:Pro:14.04:LTS", "cves": [ { "id": "CVE-2019-16056", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2019-16935", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "type": "Ubuntu", "score": "low" } ] } ] }
{ "binaries": [ { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "idle-python3.4" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "libpython3.4" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "libpython3.4-dev" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "libpython3.4-minimal" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "libpython3.4-stdlib" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "libpython3.4-testsuite" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "python3.4" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "python3.4-dev" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "python3.4-examples" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "python3.4-minimal" }, { "binary_version": "3.4.3-1ubuntu1~14.04.7+esm4", "binary_name": "python3.4-venv" } ], "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "ecosystem": "Ubuntu:Pro:14.04:LTS", "cves": [ { "id": "CVE-2019-16056", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2019-16935", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "type": "Ubuntu", "score": "low" } ] } ] }