It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "idle-python3.5" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-dbg" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-dbgsym" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-dev" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-dev-dbgsym" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-minimal" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-minimal-dbgsym" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-stdlib" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-stdlib-dbgsym" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "libpython3.5-testsuite" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5-dbg" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5-dev" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5-doc" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5-examples" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5-minimal" }, { "binary_version": "3.5.2-2ubuntu0~16.04.13+esm5", "binary_name": "python3.5-venv" } ] }