Advisory: CLSA-2024:1724260328
OS: Ubuntu 16.04 ELS
Public date: 2024-08-21 13:12:10
Project: python3.5
Version: 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els14
Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2024-1724260328.html
* SECURITY UPDATE: exploit “quoted-overlap” zip-bombs with a high compression ratio - debian/patches/CVE-2024-0450.patch: Protect zipfile from "quoted-overlap" zipbomb - CVE-2024-0450 * replace TLSv1 by TLSv1.2 since TLSv1 is not supported in the following tests: - Lib/test/test_ftplib.py - Lib/test/test_httplib.py - Lib/test/test_poplib.py - Lib/test/test_ssl.py - Lib/test/test_urllib2_localnet.py
Update command: apt-get update apt-get --only-upgrade install python3.5*
idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_all.deb python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els14_amd64.deb