来源:Ubuntu官网
发布日期:2020-10-14
阅读次数:3258
评论:0
更新标题
USN-4581-1: Python vulnerability
更新详情
python2.7, python3.4, python3.5, python3.6 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Ubuntu 12.04 ESM
Summary
Python could be used to perform a CRLF injection if it received a specially crafted request.
Software Description
python2.7 - An interactive high-level object-oriented language
python3.6 - An interactive high-level object-oriented language
python3.5 - An interactive high-level object-oriented language
python3.4 - An interactive high-level object-oriented language
Details
It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS
python2.7 - 2.7.17-1~18.04ubuntu1.2
python2.7-minimal - 2.7.17-1~18.04ubuntu1.2
python3.6 - 3.6.9-1~18.04ubuntu1.3
python3.6-minimal - 3.6.9-1~18.04ubuntu1.3
Ubuntu 16.04 LTS
python2.7 - 2.7.12-1ubuntu0~16.04.13
python2.7-minimal - 2.7.12-1ubuntu0~16.04.13
python3.5 - 3.5.2-2ubuntu0~16.04.12
python3.5-minimal - 3.5.2-2ubuntu0~16.04.12
Ubuntu 14.04 ESM
python2.7 - 2.7.6-8ubuntu0.6+esm7
python2.7-minimal - 2.7.6-8ubuntu0.6+esm7
python3.4 - 3.4.3-1ubuntu1~14.04.7+esm8
python3.4-minimal - 3.4.3-1ubuntu1~14.04.7+esm8
Ubuntu 12.04 ESM
python2.7 - 2.7.3-0ubuntu3.19
python2.7-minimal - 2.7.3-0ubuntu3.19
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
CVE-2020-26116
]]>
软件描述
Ubuntu是一个以桌面应用为主的Linux操作系统
评论