USN-6513-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.
Original advisory details:
It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. (CVE-2022-48564)
It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake. (CVE-2023-40217)
{ "availability": "No subscription required", "binaries": [ { "binary_name": "idle-python3.8", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "libpython3.8", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "libpython3.8-dbg", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "libpython3.8-dev", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "libpython3.8-minimal", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "libpython3.8-stdlib", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "libpython3.8-testsuite", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-dbg", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-dev", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-doc", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-examples", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-full", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-minimal", "binary_version": "3.8.10-0ubuntu1~20.04.9" }, { "binary_name": "python3.8-venv", "binary_version": "3.8.10-0ubuntu1~20.04.9" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "idle-python3.10", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "libpython3.10", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "libpython3.10-dbg", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "libpython3.10-dev", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "libpython3.10-minimal", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "libpython3.10-stdlib", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "libpython3.10-testsuite", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-dbg", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-dev", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-doc", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-examples", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-full", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-minimal", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-nopie", "binary_version": "3.10.12-1~22.04.3" }, { "binary_name": "python3.10-venv", "binary_version": "3.10.12-1~22.04.3" } ] }