Not a user yet?
Log in Register for free Suggest a product
Update

USN-7280-1: Python vulnerability

Ubuntu ServerUbuntu Server
Canonical

USN-7280-1: Python vulnerability
20 February 2025

Python could allow Server-Side Request Forgery attacks.

Releases
Ubuntu 24.10 Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS

Packages

  • python3.10 - An interactive high-level object-oriented language
  • python3.12 - An interactive high-level object-oriented language
  • python3.8 - An interactive high-level object-oriented language

Details
It was discovered that Python incorrectly handled parsing domain names that
included square brackets. A remote attacker could possibly use this issue
to perform a Server-Side Request Forgery (SSRF) attack.

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10

  • python3.12 - 3.12.7-1ubuntu2
  • python3.12-minimal - 3.12.7-1ubuntu2
    Ubuntu 24.04
  • python3.12 - 3.12.3-1ubuntu0.5
  • python3.12-minimal - 3.12.3-1ubuntu0.5
    Ubuntu 22.04
  • python3.10 - 3.10.12-1~22.04.9
  • python3.10-minimal - 3.10.12-1~22.04.9
    Ubuntu 20.04
  • python3.8 - 3.8.10-0ubuntu1~20.04.15
  • python3.8-minimal - 3.8.10-0ubuntu1~20.04.15

In general, a standard system update will make all the necessary changes.

More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad