USN-3496-2: Python vulnerability

28 November 2017

Python could be made to run arbitrary code.

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Releases

USN-3496-1 fixed a vulnerability in Python. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that Python incorrectly handled decoding certain strings.
An attacker could possibly use this issue to execute arbitrary code.

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

The problem can be corrected by updating your system to the following package versions:

In general, a standard system update will make all the necessary changes.

USN-3496-1: python2.7-examples, libpython2.7, python2.7, libpython2.7-stdlib, idle-python2.7, python2.7-minimal, libpython2.7-minimal, python2.7-doc, python2.7-dev, libpython2.7-dev, libpython2.7-testsuite
USN-3496-3: python3.5-doc, libpython3.4-stdlib, python3.5-minimal, python3.4-venv, python3.5, libpython3.5-minimal, libpython3.5-dev, python3.5-examples, libpython3.4-minimal, python3.5-dev, idle-python3.4, python3.4-minimal, python3.4-examples, libpython3.5-stdlib, libpython3.5, libpython3.4, libpython3.4-dev, libpython3.4-testsuite, python3.4, python3.4-dev, python3.5-venv, idle-python3.5, libpython3.5-testsuite, python3.4-doc

Ubuntu Pro provides up to ten-year security coverage for over 23,000 open-source packages within the Ubuntu Main and Universe repositories.