- Vulnerability/
- USN-1314-1
USN-1314-1: Python 3 vulnerabilities
First published: Mon Dec 19 2011(Updated: )
Giampaolo Rodola discovered that the smtpd module in Python 3 did not properly handle certain error conditions. A remote attacker could exploit this to cause a denial of service via daemon outage. This issue only affected Ubuntu 10.04 LTS. (CVE-2010-3493) Niels Heinen discovered that the urllib module in Python 3 would process Location headers that specify a file:// URL. A remote attacker could use this to obtain sensitive information or cause a denial of service via resource consumption. (CVE-2011-1521)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/python3.1-minimal | <3.1.3-1ubuntu1.1 | 3.1.3-1ubuntu1.1 |
| Ubuntu Ubuntu | =11.04 | |
| All of | ||
| ubuntu/python3.2-minimal | <3.2-1ubuntu1.1 | 3.2-1ubuntu1.1 |
| Ubuntu Ubuntu | =11.04 | |
| All of | ||
| ubuntu/python3.1-minimal | <3.1.2+20100915-0ubuntu4.1 | 3.1.2+20100915-0ubuntu4.1 |
| Ubuntu Ubuntu | =10.10 | |
| All of | ||
| ubuntu/python3.1-minimal | <3.1.2-0ubuntu3.1 | 3.1.2-0ubuntu3.1 |
| Ubuntu Ubuntu | =10.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2010-3493
- https://ubuntu.com/security/CVE-2011-1521
- https://ubuntu.com/security/notices/USN-1613-1
- https://ubuntu.com/security/notices/USN-1613-2
- https://ubuntu.com/security/notices/USN-1596-1
- https://ubuntu.com/security/notices/USN-1592-1
- https://launchpad.net/ubuntu/+source/python3.1/3.1.3-1ubuntu1.1
- https://launchpad.net/ubuntu/+source/python3.2/3.2-1ubuntu1.1
- https://launchpad.net/ubuntu/+source/python3.1/3.1.2+20100915-0ubuntu4.1
- https://launchpad.net/ubuntu/+source/python3.1/3.1.2-0ubuntu3.1
- https://ubuntu.com/security/notices/USN-1314-1 (Advisory)
Frequently Asked Questions
What is the severity of USN-1314-1?
USN-1314-1 has a severity of moderate.
How does the smtpd module vulnerability in Python 3 impact Ubuntu 10.04 LTS?
The smtpd module vulnerability in Python 3 can cause a denial of service via daemon outage on Ubuntu 10.04 LTS.
What is the remedy for the smtpd module vulnerability in Python 3 affecting Ubuntu 10.04 LTS?
The remedy for the smtpd module vulnerability in Python 3 affecting Ubuntu 10.04 LTS is to update the python3.1-minimal package to version 3.1.3-1ubuntu1.1 or later.
What is the impact of the urllib module vulnerability in Python 3 on Ubuntu 11.04?
The urllib module vulnerability in Python 3 does not affect Ubuntu 11.04.
What are the remediation steps for the urllib module vulnerability in Python 3 affecting Ubuntu 11.04?
No remediation steps are required for the urllib module vulnerability in Python 3 as it does not affect Ubuntu 11.04.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- anchor-related/USN-1613-1
- anchor-related/USN-1613-2
- anchor-related/USN-1596-1
- anchor-related/USN-1592-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/11.04
- version/ubuntu ubuntu/10.10
- version/ubuntu ubuntu/10.04