USN-4581-1: Python vulnerability

Reference Links

• https://ubuntu.com/security/CVE-2020-26116
• https://ubuntu.com/security/notices/USN-4754-3
• https://ubuntu.com/security/notices/USN-6891-1
• https://launchpad.net/ubuntu/+source/python2.7/2.7.17-1~18.04ubuntu1.2
• https://launchpad.net/ubuntu/+source/python3.6/3.6.9-1~18.04ubuntu1.3
• https://launchpad.net/ubuntu/+source/python2.7/2.7.12-1ubuntu0~16.04.13
• https://launchpad.net/ubuntu/+source/python3.5/3.5.2-2ubuntu0~16.04.12
• https://launchpad.net/ubuntu/+source/python2.7/2.7.6-8ubuntu0.6+esm7
• https://launchpad.net/ubuntu/+source/python3.4/3.4.3-1ubuntu1~14.04.7+esm8
• https://launchpad.net/ubuntu/+source/python2.7/2.7.3-0ubuntu3.19
• https://ubuntu.com/security/notices/USN-4581-1 (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

• CVE-2020-26116

Frequently Asked Questions

• What is the vulnerability ID of this Python vulnerability?

  The vulnerability ID of this Python vulnerability is USN-4581-1.

• What is the impact of this vulnerability?

  This vulnerability allows a remote attacker to perform CRLF injection.

• Which versions of Python are affected by this vulnerability?

  The affected versions of Python are 2.7.17-1~18.04ubuntu1.2, 3.6.9-1~18.04ubuntu1.3, 2.7.12-1ubuntu0~16.04.13, 3.5.2-2ubuntu0~16.04.12, 2.7.6-8ubuntu0.6+esm7, 3.4.3-1ubuntu1~14.04.7+esm8, and 2.7.3-0ubuntu3.19.

• How can I fix this Python vulnerability?

  To fix this vulnerability, update Python to version 2.7.17-1~18.04ubuntu1.2, 3.6.9-1~18.04ubuntu1.3, 2.7.12-1ubuntu0~16.04.13, 3.5.2-2ubuntu0~16.04.12, 2.7.6-8ubuntu0.6+esm7, 3.4.3-1ubuntu1~14.04.7+esm8, or 2.7.3-0ubuntu3.19.

• Where can I find more information about this vulnerability?

  You can find more information about this vulnerability at the following references: [USN-4754-3](https://ubuntu.com/security/notices/USN-4754-3) and [CVE-2020-26116](https://ubuntu.com/security/CVE-2020-26116).