Advisory: CLSA-2025:1767089506
OS: Debian 13
Public date: 2025-12-30 10:11:48.866403
Project: python
Version: 3.7.17-7
Errata link: https://errata.tuxcare.com/els_alt_python/debian13/CLSA-2025-1767089506.html
* SECURITY UPDATE: Bypass of domain e-mail-based protection mechanism by incorrect parsing of e-mail addresses that contain a special character - debian/patches/CVE-2023-27043.patch: reject malformed addresses in email.parseaddr() - CVE-2023-27043 * SECURITY UPDATE: Bypass of the TLS handshake and included protections - debian/patches/CVE-2023-40217.patch: check for & avoid the ssl pre-close flaw - CVE-2023-40217
Update command: apt-get update apt-get --only-upgrade install alt-python*
alt-python37_3.7.17-7_amd64.deb alt-python37-debug_3.7.17-7_amd64.deb alt-python37-devel_3.7.17-7_amd64.deb alt-python37-libs_3.7.17-7_amd64.deb alt-python37-test_3.7.17-7_amd64.deb alt-python37-tkinter_3.7.17-7_amd64.deb alt-python37-tools_3.7.17-7_amd64.deb