CLSA-2025-1742379028

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLSA-2025-1742379028

Upstream

CVE-2024-11168

CVE-2024-4032

CVE-2025-0938

Published

2025-03-19T10:10:33Z

Modified

2026-06-04T09:46:39.314400816Z

Summary

Fix CVE(s): CVE-2024-11168, CVE-2024-4032, CVE-2025-0938

Details

SECURITY UPDATE: Improper validation of bracketed hosts in urllib
- debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format
- CVE-2024-11168
SECURITY UPDATE: Incomplete validation of bracketed hosts in urllib
- debian/patches/CVE-2025-0938.patch: disallow square brackets ([ and ]) in domain names for parsed URLs
- CVE-2025-0938
SECURITY UPDATE: Incorrent information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private” in ipaddress module
- debian/patches/CVE-2024-4032.patch: fix "private" (non-global) IP address ranges
- CVE-2024-4032

References

https://errata.cloudlinux.com/ubuntu16-els/CLSA-2025-1742379028.html

Affected packages

TuxCare:Ubuntu:16.04

idle-python3.5

Package

Name: idle-python3.5
Purl: pkg:deb/tuxcare/idle-python3.5?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

libpython3.5

Package

Name: libpython3.5
Purl: pkg:deb/tuxcare/libpython3.5?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

libpython3.5-dev

Package

Name: libpython3.5-dev
Purl: pkg:deb/tuxcare/libpython3.5-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

libpython3.5-minimal

Package

Name: libpython3.5-minimal
Purl: pkg:deb/tuxcare/libpython3.5-minimal?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

libpython3.5-stdlib

Package

Name: libpython3.5-stdlib
Purl: pkg:deb/tuxcare/libpython3.5-stdlib?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

libpython3.5-testsuite

Package

Name: libpython3.5-testsuite
Purl: pkg:deb/tuxcare/libpython3.5-testsuite?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

python3.5

Package

Name: python3.5
Purl: pkg:deb/tuxcare/python3.5?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

python3.5-dev

Package

Name: python3.5-dev
Purl: pkg:deb/tuxcare/python3.5-dev?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

python3.5-doc

Package

Name: python3.5-doc
Purl: pkg:deb/tuxcare/python3.5-doc?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

python3.5-examples

Package

Name: python3.5-examples
Purl: pkg:deb/tuxcare/python3.5-examples?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

python3.5-minimal

Package

Name: python3.5-minimal
Purl: pkg:deb/tuxcare/python3.5-minimal?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"

python3.5-venv

Package

Name: python3.5-venv
Purl: pkg:deb/tuxcare/python3.5-venv?distro=ubuntu-16.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.2-2ubuntu0~16.04.13+tuxcare.els19

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1742379028.json"