Advisory: CLSA-2025:1742379028
OS: Ubuntu 16.04 ELS
Public date: 2025-03-19 10:10:30
Project: python3.5
Version: 1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19
Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1742379028.html
* SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE: Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938 * SECURITY UPDATE: Incorrent information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private” in ipaddress module - debian/patches/CVE-2024-4032.patch: fix "private" (non-global) IP address ranges - CVE-2024-4032
Update command: apt-get update apt-get --only-upgrade install python3.5*
idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb