UbuntuUpdates.org

Package "python3.8"

Name: python3.8

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • IDE for Python (v3.8) using Tkinter
  • Testsuite for the Python standard library (v3.8)
  • Python Interpreter with complete class library (version 3.8)
  • Interactive high-level object-oriented language (pyvenv binary, version 3.8)

Latest version: 3.8.10-0ubuntu1~20.04.1
Release: focal (20.04)
Level: security
Repository: universe

Links



Other versions of "python3.8" in Focal

Repository Area Version
base universe 3.8.2-1ubuntu1
base main 3.8.2-1ubuntu1
security main 3.8.10-0ubuntu1~20.04.1
updates universe 3.8.10-0ubuntu1~20.04.1
updates main 3.8.10-0ubuntu1~20.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.8.2-1ubuntu1.2 2020-07-22 15:06:25 UTC

  python3.8 (3.8.2-1ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: Infinite loop
    - debian/patches/CVE-2019-20907.patch: avoid infinite loop in the
      tarfile module in Lib/tarfile.py, Lib/test/test_tarfile.py and add
      Lib/test/recursion.tar binary for test.
    - CVE-2019-20907
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2020-14422.patch: Resolve hash collisions for
      IPv4Interface and IPv6Interface in Lib/ipaddress.py,
      Lib/test/test_ipaddress.py.
    - CVE-2020-14422

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 16 Jul 2020 11:00:26 -0300

Source diff to previous version
CVE-2019-20907 In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, becaus
CVE-2020-14422 Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote a

Version: 3.8.2-1ubuntu1.1 2020-04-30 13:07:08 UTC
No changelog available yet.



About   -   Send Feedback to @ubuntu_updates