Not a user yet?
Log in Register for free Suggest a product
Update

USN-7886-1: Python vulnerabilities

Ubuntu ServerUbuntu Server
Canonical

USN-7886-1: Python vulnerabilities

Publication date: 24 November 2025
Overview: Several security issues were fixed in Python.

Packages

  • python3.10 - An interactive high-level object-oriented language
  • python3.11 - An interactive high-level object-oriented language
  • python3.12 - An interactive high-level object-oriented language
  • python3.4 - An interactive high-level object-oriented language
  • python3.5 - An interactive high-level object-oriented language
  • python3.6 - An interactive high-level object-oriented language
  • python3.7 - An interactive high-level object-oriented language
  • python3.8 - An interactive high-level object-oriented language
  • python3.9 - An interactive high-level object-oriented language

Details
It was discovered that Python inefficiently handled expanding system
environment variables. An attacker could possibly use this issue to cause
Python to consume excessive resources, leading to a denial of service.
(CVE-2025-6075)

Caleb Brown discovered that Python incorrectly handled the ZIP64 End of
Central Directory (EOCD) Locator record offset value. An attacker could
possibly use this issue to obfuscate malicious content. (CVE-2025-8291)

Update instructions
In general, a standard system update will make all the necessary changes.
The problem can be corrected by updating your system to the following package versions:

24.04 LTS

  • noble libpython3.12t64 – 3.12.3-1ubuntu0.9
  • python3.12 – 3.12.3-1ubuntu0.9

22.04 LTS

  • jammy idle-python3.11 – 3.11.0~rc1-1~22.04.1~esm6
  • libpython3.10 – 3.10.12-1~22.04.12
  • python3.10 – 3.10.12-1~22.04.12
  • python3.11 – 3.11.0~rc1-1~22.04.1~esm6

20.04 LTS

  • focal libpython3.8 – 3.8.10-0ubuntu1~20.04.18+esm3
  • libpython3.9 – 3.9.5-3ubuntu0~20.04.1+esm7
  • python3.8 – 3.8.10-0ubuntu1~20.04.18+esm3
  • python3.9 – 3.9.5-3ubuntu0~20.04.1+esm7

18.04 LTS

  • bionic libpython3.6 – 3.6.9-1~18.04ubuntu1.13+esm7
  • libpython3.7 – 3.7.5-2ubuntu1~18.04.2+esm8
  • libpython3.8 – 3.8.0-3ubuntu1~18.04.2+esm7
  • python3.6 – 3.6.9-1~18.04ubuntu1.13+esm7
  • python3.7 – 3.7.5-2ubuntu1~18.04.2+esm8
  • python3.8 – 3.8.0-3ubuntu1~18.04.2+esm7

16.04 LTS

  • xenial libpython3.5 – 3.5.2-2ubuntu0~16.04.13+esm20
  • python3.5 – 3.5.2-2ubuntu0~16.04.13+esm20

14.04 LTS

  • trusty libpython3.4 – 3.4.3-1ubuntu1~14.04.7+esm17
  • libpython3.5 – 3.5.2-2ubuntu0~16.04.4~14.04.1+esm8
  • python3.4 – 3.4.3-1ubuntu1~14.04.7+esm17
  • python3.5 – 3.5.2-2ubuntu0~16.04.4~14.04.1+esm8
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad