UbuntuUpdates.org

Package "micropython"

Name: micropython

Description:

Unix/Linux port of MicroPython for board-independent use on the host
Latest version: 1.22.1+ds-1ubuntu0.24.10.1
Release: oracular (24.10)
Level: updates
Repository: universe
Homepage: https://micropython.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "micropython"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "micropython" in Oracular

Repository Area Version
base universe 1.22.1+ds-1build2
security universe 1.22.1+ds-1ubuntu0.24.10.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.22.1+ds-1ubuntu0.24.10.1 2025-05-01 16:07:07 UTC

  micropython (1.22.1+ds-1ubuntu0.24.10.1) oracular-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow in extmod/vfs.c
    - debian/patches/CVE-2024-8946.patch: Fix buffer overflow of string
      comparison in umount.
    - CVE-2024-8946

  * SECURITY UPDATE: Use-after-free in py/objarray.c.
    - debian/patches/CVE-2024-8947.patch: Fix use-after-free if extending
      a bytearray from itself.
    - CVE-2024-8947

  * SECURITY UPDATE: Buffer overflow vulnerability in stm32_mw_usb_host
    - debian/patches/CVE-2021-42553.patch: Fix buffer overflow.
    - CVE-2021-42553

 -- Nick Galanis <email address hidden> Tue, 15 Apr 2025 13:14:48 +0300
CVE-2024-8946 A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mp_vfs_umount of the file extmod/vfs.c
CVE-2024-8947 A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the
CVE-2021-42553 A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when


About   -   Send Feedback to @ubuntu_updates