1. Ubuntu Security Notices
  2. USN-3134-1

USN-3134-1: Python vulnerabilities

Publication date

22 November 2016

Overview

Several security issues were fixed in Python.

Releases

Packages

  • python2.7 - An interactive high-level object-oriented language
  • python3.2 - An interactive high-level object-oriented language
  • python3.4 - An interactive high-level object-oriented language
  • python3.5 - An interactive high-level object-oriented language

Details

It was discovered that the smtplib library in Python did not return an
error when StartTLS fails. A remote attacker could possibly use this to
expose sensitive information. (CVE-2016-0772)

Rémi Rampin discovered that Python would not protect CGI applications
from contents of the HTTP_PROXY environment variable when based on
the contents of the Proxy header from HTTP requests. A remote attacker
could possibly use this to cause a CGI application to redirect outgoing
HTTP requests. (CVE-2016-1000110)

Insu Yun discovered an integer overflow in the zipimporter module in
Python that could lead to a heap-based overflow. An attacker could
use this to craft a special zip file that when read by Python could
possibly execute arbitrary code. (CVE-2016-5636)

Guido Vranken discovered that the urllib modules in Python...

It was discovered that the smtplib library in Python did not return an
error when StartTLS fails. A remote attacker could possibly use this to
expose sensitive information. (CVE-2016-0772)

Rémi Rampin discovered that Python would not protect CGI applications
from contents of the HTTP_PROXY environment variable when based on
the contents of the Proxy header from HTTP requests. A remote attacker
could possibly use this to cause a CGI application to redirect outgoing
HTTP requests. (CVE-2016-1000110)

Insu Yun discovered an integer overflow in the zipimporter module in
Python that could lead to a heap-based overflow. An attacker could
use this to craft a special zip file that when read by Python could
possibly execute arbitrary code. (CVE-2016-5636)

Guido Vranken discovered that the urllib modules in Python did
not properly handle carriage return line feed (CRLF) in headers. A
remote attacker could use this to craft URLs that inject arbitrary
HTTP headers. This issue only affected Ubuntu 12.04 LTS and Ubuntu
14.04 LTS. (CVE-2016-5699)

Update instructions

After a standard system update you need to restart any Python applications to make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
16.04 xenial libpython2.7 –  2.7.12-1ubuntu0~16.04.1
libpython2.7-minimal –  2.7.12-1ubuntu0~16.04.1
libpython2.7-stdlib –  2.7.12-1ubuntu0~16.04.1
libpython3.5 –  3.5.2-2ubuntu0~16.04.1
libpython3.5-minimal –  3.5.2-2ubuntu0~16.04.1
libpython3.5-stdlib –  3.5.2-2ubuntu0~16.04.1
python2.7 –  2.7.12-1ubuntu0~16.04.1
python2.7-minimal –  2.7.12-1ubuntu0~16.04.1
python3.5 –  3.5.2-2ubuntu0~16.04.1
python3.5-minimal –  3.5.2-2ubuntu0~16.04.1
14.04 trusty libpython2.7 –  2.7.6-8ubuntu0.3
libpython2.7-minimal –  2.7.6-8ubuntu0.3
libpython2.7-stdlib –  2.7.6-8ubuntu0.3
libpython3.4 –  3.4.3-1ubuntu1~14.04.5
libpython3.4-minimal –  3.4.3-1ubuntu1~14.04.5
libpython3.4-stdlib –  3.4.3-1ubuntu1~14.04.5
python2.7 –  2.7.6-8ubuntu0.3
python2.7-minimal –  2.7.6-8ubuntu0.3
python3.4 –  3.4.3-1ubuntu1~14.04.5
python3.4-minimal –  3.4.3-1ubuntu1~14.04.5
12.04 precise libpython2.7 –  2.7.3-0ubuntu3.9
libpython3.2 –  3.2.3-0ubuntu3.8
python2.7 –  2.7.3-0ubuntu3.9
python2.7-minimal –  2.7.3-0ubuntu3.9
python3.2 –  3.2.3-0ubuntu3.8
python3.2-minimal –  3.2.3-0ubuntu3.8

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›