First published: Thu Sep 22 2022(Updated: )
It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/libpython3.5-stdlib | <3.5.2-2ubuntu0~16.04.13+esm5 | 3.5.2-2ubuntu0~16.04.13+esm5 |
=16.04 | ||
All of | ||
ubuntu/libpython3.5-minimal | <3.5.2-2ubuntu0~16.04.13+esm5 | 3.5.2-2ubuntu0~16.04.13+esm5 |
=16.04 | ||
All of | ||
ubuntu/python3.5 | <3.5.2-2ubuntu0~16.04.13+esm5 | 3.5.2-2ubuntu0~16.04.13+esm5 |
=16.04 | ||
All of | ||
ubuntu/python3.5-minimal | <3.5.2-2ubuntu0~16.04.13+esm5 | 3.5.2-2ubuntu0~16.04.13+esm5 |
=16.04 | ||
All of | ||
ubuntu/libpython3.5 | <3.5.2-2ubuntu0~16.04.13+esm5 | 3.5.2-2ubuntu0~16.04.13+esm5 |
=16.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability associated with USN-5629-1 is the Python http.server module incorrectly handling certain URIs.
An attacker can potentially use the Python vulnerability in USN-5629-1 to redirect web traffic.
The affected software in USN-5629-1 includes libpython3.5-stdlib, libpython3.5-minimal, python3.5, python3.5-minimal, and libpython3.5 for Ubuntu 16.04.
To fix the vulnerability in USN-5629-1, you should update libpython3.5-stdlib, libpython3.5-minimal, python3.5, python3.5-minimal, and libpython3.5 to version 3.5.2-2ubuntu0~16.04.13+esm5 (or higher) for Ubuntu 16.04.
You can find more information about USN-5629-1 on the Ubuntu Security Notices website.