{"id":20702,"date":"2017-11-29T02:34:12","date_gmt":"2017-11-28T17:34:12","guid":{"rendered":"https:\/\/jirak.net\/wp\/usn-3496-2-python-vulnerability\/"},"modified":"2017-11-29T02:34:13","modified_gmt":"2017-11-28T17:34:13","slug":"usn-3496-2-python-vulnerability","status":"publish","type":"post","link":"https:\/\/jirak.net\/wp\/usn-3496-2-python-vulnerability\/","title":{"rendered":"USN-3496-2: Python vulnerability"},"content":{"rendered":"<p>USN-3496-2: Python vulnerability<\/p>\n<h2>Ubuntu Security Notice USN-3496-2<\/h2>\n<p><em>28th November, 2017<\/em><\/p>\n<h3>python2.7 vulnerability<\/h3>\n<p>A security issue affects these releases of Ubuntu and its<br \/>\n    derivatives:<\/p>\n<ul>\n<li>Ubuntu 12.04 LTS<\/li>\n<\/ul>\n<h3>Summary<\/h3>\n<p>Python could be made to run arbitrary code.\n<\/p>\n<h3>Software description<\/h3>\n<ul>\n<li>python2.7<br \/>\n    &#8211; An interactive high-level object-oriented language<\/p>\n<\/li>\n<\/ul>\n<h3>Details<\/h3>\n<p>USN-3496-1 fixed a vulnerability in Python. This update provides<br \/>the corresponding update for Ubuntu 12.04 ESM.<\/p>\n<p>Original advisory details:<\/p>\n<p> It was discovered that Python incorrectly handled decoding certain strings.<br \/> An attacker could possibly use this issue to execute arbitrary code.<\/p>\n<h3>Update instructions<\/h3>\n<p> The problem can be corrected by updating your system to the following<br \/>\npackage version:<\/p>\n<dl>\n<dt>Ubuntu 12.04 LTS:<\/dt>\n<dd>\n    <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/python2.7\">python2.7-minimal<\/a><br \/>\n    <span><br \/>\n        <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/python2.7\/2.7.3-0ubuntu3.10\">2.7.3-0ubuntu3.10<\/a><br \/>\n    <\/span>\n  <\/dd>\n<dd>\n    <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/python2.7\">python2.7<\/a><br \/>\n    <span><br \/>\n        <a href=\"https:\/\/launchpad.net\/ubuntu\/+source\/python2.7\/2.7.3-0ubuntu3.10\">2.7.3-0ubuntu3.10<\/a><br \/>\n    <\/span>\n  <\/dd>\n<\/dl>\n<p>To update your system, please follow these instructions:<br \/>\n<a href=\"https:\/\/wiki.ubuntu.com\/Security\/Upgrades\">https:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\n<p>In general, a standard system update will make all the necessary changes.<\/p>\n<h3>References<\/h3>\n<p>        <a href=\"http:\/\/people.ubuntu.com\/~ubuntu-security\/cve\/CVE-2017-1000158\">CVE-2017-1000158<\/a><\/p>\n<p>Source: <a href=\"http:\/\/www.ubuntu.com\/usn\/usn-3496-2\/\" target=\"_blank\">USN-3496-2: Python vulnerability<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\"><p>USN-3496-2: Python vulnerability Ubuntu Security Notice USN-3496-2 28th November, 2017 python2.7 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Python could be made to run arbitrary code. Software description python2.7 &#8211; An interactive high-level object-oriented language Details USN-3496-1 fixed a vulnerability in Python. This update providesthe corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Python incorrectly handled decoding certain strings. An attacker could possibly use this issue to execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: python2.7-minimal 2.7.3-0ubuntu3.10 python2.7 2.7.3-0ubuntu3.10 To update your system, please follow these instructions: https:\/\/wiki.ubuntu.com\/Security\/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2017-1000158 Source: USN-3496-2: Python vulnerability<\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-20702","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/20702","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=20702"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/20702\/revisions"}],"predecessor-version":[{"id":20703,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/20702\/revisions\/20703"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=20702"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=20702"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=20702"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}