Package "configobj"

Name:	configobj
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: simple but powerful config file reader and writer (documentation) simple but powerful config file reader and writer for Python 3
Latest version:	5.0.6-4ubuntu0.1
Release:	focal (20.04)
Level:	security
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "configobj" in Focal

Repository	Area	Version
base	main	5.0.6-4
updates	main	5.0.6-4ubuntu0.1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 5.0.6-4ubuntu0.1 2024-09-26 18:06:55 UTC

configobj (5.0.6-4ubuntu0.1) focal-security; urgency=medium * SECURITY UPDATE: ReDoS - debian/patches/CVE-2023-26112.patch: updates regex that can cause catastrophic backtracking when a match fails in validate.py and adds a test in tests/test_validate_errors.py. - CVE-2023-26112 -- Ian Constantin <email address hidden> Fri, 20 Sep 2024 15:02:40 +0300

CVE-2023-26112

All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using (.+?)\((.*)\).

About - Send Feedback to @ubuntu_updates

Package "configobj"

Links

Other versions of "configobj" in Focal

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates