[ubuntu/bionic-updates] python2.7 2.7.17-1~18.04ubuntu1.7 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Mar 28 10:28:28 UTC 2022
python2.7 (2.7.17-1~18.04ubuntu1.7) bionic-security; urgency=medium
* SECURITY UPDATE: Expose sensitive information
- debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class
behavior to not trust the IPv4 address sent from the remote
server when setting up a passive data channel in
resposne in Lib/ftplib.py, Lib/test/test_ftplib.py.
- CVE-2021-4189
* SECURITY UPDATE: Injection Attack
- debian/patches/CVE-2022-0391.patch: sanitize urls in urlparse
when it containing ASCII newline and tabs in
Lib/test/test_urlparse.py,
Lib/urlparse.py.
- CVE-2022-0391
Date: 2022-03-18 16:02:09.858583+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/python2.7/2.7.17-1~18.04ubuntu1.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list