First published: Wed Mar 03 2021(Updated: )
USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177. We apologize for the inconvenience. Original advisory details: It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. (CVE-2020-27619, CVE-2021-3177)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/python2.7 | <2.7.17-1~18.04ubuntu1.6 | 2.7.17-1~18.04ubuntu1.6 |
=18.04 | ||
All of | ||
ubuntu/python2.7-minimal | <2.7.17-1~18.04ubuntu1.6 | 2.7.17-1~18.04ubuntu1.6 |
=18.04 | ||
All of | ||
ubuntu/python2.7 | <2.7.12-1ubuntu0~16.04.18 | 2.7.12-1ubuntu0~16.04.18 |
=16.04 | ||
All of | ||
ubuntu/python2.7-minimal | <2.7.12-1ubuntu0~16.04.18 | 2.7.12-1ubuntu0~16.04.18 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Python 2.7 vulnerability is USN-4754-4.
This update reinstates the security fix for CVE-2021-3177.
The Python 2.7 packages 'python2.7' and 'python2.7-minimal' with versions up to '2.7.17-1~18.04ubuntu1.6' on Ubuntu 18.04, and versions up to '2.7.12-1ubuntu0~16.04.18' on Ubuntu 16.04 are affected.
To fix the Python 2.7 vulnerability, update the 'python2.7' and 'python2.7-minimal' packages to version '2.7.17-1~18.04ubuntu1.6' on Ubuntu 18.04, and version '2.7.12-1ubuntu0~16.04.18' on Ubuntu 16.04.
You can find more information about this vulnerability on the Ubuntu Security Notices page: [USN-4754-1] [USN-4754-3].