USN-4754-5

Source

https://ubuntu.com/security/notices/USN-4754-5

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4754-5.json

Related

CVE-2021-3177

Published

2022-02-08T12:17:40.598825Z

Modified

2022-02-08T12:17:40.598825Z

Details

USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177 in Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177)

References

Affected packages

Ubuntu:Pro:14.04:LTS / python2.7

Package

Name: python2.7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.7.6-8ubuntu0.6+esm10

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "python2.7": "2.7.6-8ubuntu0.6+esm10",
            "libpython2.7": "2.7.6-8ubuntu0.6+esm10",
            "libpython2.7-stdlib": "2.7.6-8ubuntu0.6+esm10",
            "python2.7-dev": "2.7.6-8ubuntu0.6+esm10",
            "python2.7-examples": "2.7.6-8ubuntu0.6+esm10",
            "python2.7-doc": "2.7.6-8ubuntu0.6+esm10",
            "idle-python2.7": "2.7.6-8ubuntu0.6+esm10",
            "python2.7-minimal": "2.7.6-8ubuntu0.6+esm10",
            "libpython2.7-testsuite": "2.7.6-8ubuntu0.6+esm10",
            "libpython2.7-dev": "2.7.6-8ubuntu0.6+esm10",
            "libpython2.7-minimal": "2.7.6-8ubuntu0.6+esm10"
        }
    ]
}