Ubuntu Security Notice 6394-2 - USN-6394-1 fixed a vulnerability in Python. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
d38a75206389008d3e1ad14a50564e60d915ccb7b901100a133baef1458072fe
==========================================================================
Ubuntu Security Notice USN-6394-2
October 17, 2023
python2.7 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)
Summary:
Python could be made to execute arbitrary code if it received
a specially crafted script.
Software Description:
- python2.7: An interactive high-level object-oriented language
Details:
USN-6394-1 fixed a vulnerability in Python. This update provides
the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that Python incorrectly handled certain scripts.
An attacker could possibly use this issue to execute arbitrary code
or cause a crash.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
python2.7 2.7.17-1~18.04ubuntu1.13+esm3
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
python2.7 2.7.12-1ubuntu0~16.04.18+esm8
Ubuntu 14.04 LTS (Available with Ubuntu Pro):
python2.7 2.7.6-8ubuntu0.6+esm17
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6394-2
https://ubuntu.com/security/notices/USN-6394-1
CVE-2022-48560