Release Info

Advisory: CLSA-2025:1759510077

OS: Ubuntu 16.04

Public date: 2025-10-03 16:48:01.108238

Project: python

Version: 2.7.18-3

Errata link: https://errata.tuxcare.com/els_alt_python/ubuntu16.04/CLSA-2025-1759510077.html

Changelog

* SECURITY UPDATE: zip bomb vulnerability in Lib/zipfile.py - debian/patches/CVE-2019-9674.patch: add pitfalls to zipfile module documentation - CVE-2019-9674 * SECURITY UPDATE: Infinite loop - debian/patches/CVE-2019-20907.patch: avoid infinite loop in the tarfile module in Lib/tarfile.py, Lib/test/test_tarfile.py. - CVE-2019-20907

Update

Update command: apt-get update apt-get --only-upgrade install alt-python*

Packages list

alt-python27_2.7.18-3_amd64.deb alt-python27-debug_2.7.18-3_amd64.deb alt-python27-devel_2.7.18-3_amd64.deb alt-python27-idle_2.7.18-3_amd64.deb alt-python27-libs_2.7.18-3_amd64.deb alt-python27-test_2.7.18-3_amd64.deb alt-python27-tkinter_2.7.18-3_amd64.deb alt-python27-tools_2.7.18-3_amd64.deb

CVEs

CVE-2019-9674
CVE-2019-20907