<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="gmail_quote">==============================<wbr>==============================<wbr>==============<br>
Ubuntu Security Notice USN-5888-1<br>
February 27, 2023<br>
<br>
python3.9 vulnerabilities<br>
==============================<wbr>==============================<wbr>==============<br>
<br>
A security issue affects these releases of Ubuntu and its
derivatives:<br>
<br>
- Ubuntu 20.04 LTS<br>
<br>
Summary:<br>
<br>
Several security issues were fixed in Python.<br>
<br>
Software Description:<br>
- python3.9: An interactive high-level object-oriented language<br>
<br>
Details:<br>
<br>
It was discovered that Python incorrectly handled certain inputs.
If a<br>
user or an automated system were tricked into opening a specially<br>
crafted input file, a remote attacker could possibly use this
issue to<br>
execute arbitrary code. (CVE-2015-20107)<br>
<br>
Hamza Avvan discovered that Python incorrectly handled certain
inputs. If a<br>
user or an automated system were tricked into running a specially<br>
crafted input, a remote attacker could possibly use this issue to
execute<br>
arbitrary code. (CVE-2021-28861)<br>
<br>
It was discovered that Python incorrectly handled certain inputs.
If a<br>
user or an automated system were tricked into running a specially<br>
crafted input, a remote attacker could possibly use this issue to
execute<br>
arbitrary code. (CVE-2022-37454, CVE-2022-42919)<br>
<br>
It was discovered that Python incorrectly handled certain inputs.
If a<br>
user or an automated system were tricked into running a specially<br>
crafted input, a remote attacker could possibly use this issue to
cause a<br>
denial of service. (CVE-2022-45061, CVE-2023-24329)<br>
<br>
Update instructions:<br>
<br>
The problem can be corrected by updating your system to the
following<br>
package versions:<br>
<br>
Ubuntu 20.04 LTS:<br>
python3.9 3.9.5-3ubuntu0~20.04.1+esm1<br>
python3.9-minimal 3.9.5-3ubuntu0~20.04.1+esm1<br>
<br>
In general, a standard system update will make all the necessary
changes.<br>
<br>
References:<br>
<span> </span><a
href="https://ubuntu.com/security/notices/USN-5888-1"
rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://ubuntu.com/security/notices/USN-5888-1&source=gmail&ust=1677662844818000&usg=AOvVaw2f3-D77CHLrZG0ZjTBHv_v"
style="color: rgb(17, 85, 204);">https://ubuntu.com/security/no<wbr>tices/USN-5888-1</a><br>
CVE-2015-20107, CVE-2021-28861, CVE-2022-37454, CVE-2022-42919,<br>
CVE-2022-45061, CVE-2023-24329<br>
<br>
Package Information:<br>
<span> </span><a
href="https://launchpad.net/ubuntu/+source/python3.9/3.9.5-3ubuntu0~20.04.1+esm1"
rel="noreferrer" target="_blank"
data-saferedirecturl="https://www.google.com/url?q=https://launchpad.net/ubuntu/%2Bsource/python3.9/3.9.5-3ubuntu0~20.04.1%2Besm1&source=gmail&ust=1677662844818000&usg=AOvVaw0kY1Mc9eqBlCJfmvlNFIqX"
style="color: rgb(17, 85, 204);">https://launchpad.net/ubuntu/+<wbr>source/python3.9/3.9.5-3ubuntu<wbr>0~20.04.1+esm1</a><br>
</div>
<br clear="all">
<div><br style="color: rgb(34, 34, 34); font-family: Arial,
Helvetica, sans-serif; font-size: small; font-style: normal;
font-variant-ligatures: normal; font-variant-caps: normal;
font-weight: 400; letter-spacing: normal; orphans: 2;
text-align: start; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-stroke-width: 0px; background-color: rgb(255, 255,
255); text-decoration-thickness: initial; text-decoration-style:
initial; text-decoration-color: initial;">
<br>
</div>
<p></p>
</body>
</html>