USN-5342-3

Source
https://ubuntu.com/security/notices/USN-5342-3
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5342-3.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5342-3
Related
Published
2022-05-23T08:53:04.914381Z
Modified
2022-05-23T08:53:04.914381Z
Summary
python3.7 vulnerability
Details

USN-5342-1 fixed several vulnerabilities in Python. This update provides the corresponding fix for CVE-2021-3426 for Ubuntu 18.04 ESM.

Original advisory details:

David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426)

It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 LTS. (CVE-2021-4189)

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2022-0391)

References

Affected packages

Ubuntu:Pro:18.04:LTS / python3.7

Package

Name
python3.7
Purl
pkg:deb/ubuntu/python3.7?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.7.5-2ubuntu1~18.04.2+esm1

Affected versions

3.*

3.7.0~a2-1
3.7.0~a3-1
3.7.0~a3-2
3.7.0~a3-3
3.7.0~a4-1
3.7.0~b1-1
3.7.0~b1-1build1
3.7.0~b2-1
3.7.0~b3-1
3.7.0-1~18.04
3.7.1-1~18.04
3.7.3-2~18.04.1
3.7.5-2~18.04
3.7.5-2~18.04.4
3.7.5-2ubuntu1~18.04.2

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "idle-python3.7"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "libpython3.7"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "libpython3.7-dbg"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "libpython3.7-dev"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "libpython3.7-minimal"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "libpython3.7-stdlib"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "libpython3.7-testsuite"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7-dbg"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7-dev"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7-doc"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7-examples"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7-minimal"
        },
        {
            "binary_version": "3.7.5-2ubuntu1~18.04.2+esm1",
            "binary_name": "python3.7-venv"
        }
    ]
}