python3.5 (3.5.2-2ubuntu0~16.04.10) xenial-security; urgency=medium
* SECURITY UPDATE: CRLF injection
- debian/patches/CVE-2019-18348.patch: disallow control characters
in hostnames in http.client in Lib/http/client.py,
Lib/test/test_urllib.py.
- CVE-2019-18348
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2020-8492.patch: fix the regex to prevent
the regex denial of service in Lib/urllib/request.py,
- CVE-2020-8492
Date: 2020-04-17 14:43:14.795137+00:00
Changed-By: [email protected] (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/+source/python3.5/3.5.2-2ubuntu0~16.04.10
Sorry, changesfile not available.
--
Xenial-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/xenial-changes
