UbuntuUpdates.org

Package "python3.12-gdbm"

Name: python3.12-gdbm

Description:

GNU dbm database support for Python (v3.12)
Latest version: 3.12.7-1ubuntu2
Release: oracular (24.10)
Level: security
Repository: main
Head package: python3.12

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "python3.12-gdbm"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "python3.12-gdbm" in Oracular

Repository Area Version
updates main 3.12.7-1ubuntu2

Changelog

Version: 3.12.7-1ubuntu2 2025-02-20 23:07:32 UTC

  python3.12 (3.12.7-1ubuntu2) oracular-security; urgency=medium

  * SECURITY UPDATE: urlparse does not flag hostname with square brackets
    as incorrect
    - debian/patches/CVE-2025-0938.patch: disallow square brackets in
      domain names for parsed URLs in Lib/test/test_urlparse.py,
      Lib/urllib/parse.py.
    - CVE-2025-0938

 -- Marc Deslauriers <email address hidden> Tue, 04 Feb 2025 09:46:03 -0500
Source diff to previous version
CVE-2025-0938 The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid ac

Version: 3.12.7-1ubuntu1.1 2025-01-20 19:07:08 UTC

  python3.12 (3.12.7-1ubuntu1.1) oracular-security; urgency=medium

  * SECURITY UPDATE: memory exhaustion issue in asyncio
    - debian/patches/CVE-2024-12254.patch: ensure to pause the protocol if
      needed in Lib/asyncio/selector_events.py,
      Lib/test/test_asyncio/test_selector_events.py.
    - CVE-2024-12254

 -- Marc Deslauriers <email address hidden> Fri, 17 Jan 2025 11:55:27 -0500
Source diff to previous version
CVE-2024-12254 Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain t

Version: 3.12.7-1ubuntu1 2024-11-19 15:07:23 UTC

  python3.12 (3.12.7-1ubuntu1) oracular-security; urgency=medium

  * SECURITY UPDATE: incorrect quoting in venv module
    - debian/patches/CVE-2024-9287.patch: quote template strings in venv
      activation scripts in Lib/test/test_venv.py, Lib/venv/__init__.py,
      Lib/venv/scripts/common/activate, Lib/venv/scripts/nt/activate.bat,
      Lib/venv/scripts/posix/activate.csh,
      Lib/venv/scripts/posix/activate.fish.
    - CVE-2024-9287

 -- Marc Deslauriers <email address hidden> Wed, 06 Nov 2024 13:29:01 -0500
CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted pro


About   -   Send Feedback to @ubuntu_updates