It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service.
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "python-configobj", "binary_version": "5.0.6-2ubuntu0.16.04.1~esm1" }, { "binary_name": "python-configobj-doc", "binary_version": "5.0.6-2ubuntu0.16.04.1~esm1" }, { "binary_name": "python3-configobj", "binary_version": "5.0.6-2ubuntu0.16.04.1~esm1" } ] }
{ "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro", "binaries": [ { "binary_name": "python-configobj", "binary_version": "5.0.6-2ubuntu0.18.04.1~esm1" }, { "binary_name": "python-configobj-doc", "binary_version": "5.0.6-2ubuntu0.18.04.1~esm1" }, { "binary_name": "python3-configobj", "binary_version": "5.0.6-2ubuntu0.18.04.1~esm1" } ] }