The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libpython2.7-dbg": "2.7.6-8ubuntu0.2", "libpython2.7-dbgsym": "2.7.6-8ubuntu0.2", "libpython2.7-stdlib-dbgsym": "2.7.6-8ubuntu0.2", "python2.7-examples": "2.7.6-8ubuntu0.2", "libpython2.7-minimal-dbgsym": "2.7.6-8ubuntu0.2", "python2.7-dbg": "2.7.6-8ubuntu0.2", "python2.7-dev-dbgsym": "2.7.6-8ubuntu0.2", "python2.7-dev": "2.7.6-8ubuntu0.2", "libpython2.7-testsuite": "2.7.6-8ubuntu0.2", "python2.7-minimal": "2.7.6-8ubuntu0.2", "libpython2.7-minimal": "2.7.6-8ubuntu0.2", "python2.7": "2.7.6-8ubuntu0.2", "libpython2.7": "2.7.6-8ubuntu0.2", "libpython2.7-dev-dbgsym": "2.7.6-8ubuntu0.2", "libpython2.7-stdlib": "2.7.6-8ubuntu0.2", "python2.7-doc": "2.7.6-8ubuntu0.2", "python2.7-minimal-dbgsym": "2.7.6-8ubuntu0.2", "idle-python2.7": "2.7.6-8ubuntu0.2", "python2.7-dbgsym": "2.7.6-8ubuntu0.2", "libpython2.7-dev": "2.7.6-8ubuntu0.2" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python3.4-dbg": "3.4.0-2ubuntu1.1", "python3.4-minimal": "3.4.0-2ubuntu1.1", "libpython3.4-dbgsym": "3.4.0-2ubuntu1.1", "libpython3.4-stdlib": "3.4.0-2ubuntu1.1", "python3.4-dev-dbgsym": "3.4.0-2ubuntu1.1", "libpython3.4-dbg": "3.4.0-2ubuntu1.1", "libpython3.4-stdlib-dbgsym": "3.4.0-2ubuntu1.1", "libpython3.4-minimal": "3.4.0-2ubuntu1.1", "libpython3.4-dev-dbgsym": "3.4.0-2ubuntu1.1", "python3.4-minimal-dbgsym": "3.4.0-2ubuntu1.1", "python3.4-dbgsym": "3.4.0-2ubuntu1.1", "libpython3.4": "3.4.0-2ubuntu1.1", "libpython3.4-testsuite": "3.4.0-2ubuntu1.1", "libpython3.4-minimal-dbgsym": "3.4.0-2ubuntu1.1", "python3.4-doc": "3.4.0-2ubuntu1.1", "idle-python3.4": "3.4.0-2ubuntu1.1", "libpython3.4-dev": "3.4.0-2ubuntu1.1", "python3.4-dev": "3.4.0-2ubuntu1.1", "python3.4-examples": "3.4.0-2ubuntu1.1", "python3.4": "3.4.0-2ubuntu1.1" } ] }