Format: 1.8
Date: Tue, 20 Aug 2019 13:12:48 -0400
Source: python3.6
Binary: python3.6 python3.6-venv libpython3.6-stdlib python3.6-minimal libpython3.6-minimal libpython3.6 python3.6-examples python3.6-dev libpython3.6-dev libpython3.6-testsuite idle-python3.6 python3.6-doc python3.6-dbg libpython3.6-dbg
Architecture: all amd64
Version: 3.6.8-1~18.04.2
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-035.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 idle-python3.6 - IDE for Python (v3.6) using Tkinter
 libpython3.6 - Shared Python runtime library (version 3.6)
 libpython3.6-dbg - Debug Build of the Python Interpreter (version 3.6)
 libpython3.6-dev - Header files and a static library for Python (v3.6)
 libpython3.6-minimal - Minimal subset of the Python language (version 3.6)
 libpython3.6-stdlib - Interactive high-level object-oriented language (standard library
 libpython3.6-testsuite - Testsuite for the Python standard library (v3.6)
 python3.6  - Interactive high-level object-oriented language (version 3.6)
 python3.6-dbg - Debug Build of the Python Interpreter (version 3.6)
 python3.6-dev - Header files and a static library for Python (v3.6)
 python3.6-doc - Documentation for the high-level object-oriented language Python
 python3.6-examples - Examples for the Python language (v3.6)
 python3.6-minimal - Minimal subset of the Python language (version 3.6)
 python3.6-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.6 (3.6.8-1~18.04.2) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: incorrect cookie domain check
     - debian/patches/CVE-2018-20852.patch: prefix dot in domain for proper
       subdomain validation in Lib/http/cookiejar.py,
       Lib/test/test_http_cookiejar.py.
     - CVE-2018-20852
   * SECURITY UPDATE: NULL pointer dereference via X509 certificate
     - debian/patches/CVE-2019-5010.patch: fix segfault in ssl cert parser
       in Lib/test/talos-2019-0758.pem, Lib/test/test_ssl.py,
       Modules/_ssl.c.
     - CVE-2019-5010
   * SECURITY UPDATE: improper handling of unicode encoding
     - debian/patches/CVE-2019-9636.patch: add check for characters in
       netloc that normalize to separators in Doc/library/urllib.parse.rst,
       Lib/test/test_urlparse.py, Lib/urllib/parse.py.
     - CVE-2019-9636
   * SECURITY UPDATE: HTTP header injection
     - debian/patches/CVE-2019-9740.patch: disallow control chars in http
       URLs in Lib/http/client.py, Lib/test/test_urllib.py,
       Lib/test/test_xmlrpc.py.
     - CVE-2019-9740
     - CVE-2019-9947
   * SECURITY UPDATE: urllib support the local_file: scheme
     - debian/patches/CVE-2019-9948.patch: disallow file reading in
       Lib/urllib/request.py, Lib/test/test_urllib.py.
     - CVE-2019-9948
   * SECURITY UPDATE: incomplete fix for CVE-2019-9636
     - debian/patches/CVE-2019-10160-1.patch: fix handling of
       pre-normalization characters in urlsplit() in
       Lib/test/test_urlparse.py, Lib/urllib/parse.py.
     - debian/patches/CVE-2019-10160-2.patch: correct fix to handle
       decomposition in usernames in Lib/test/test_urlparse.py,
       Lib/urllib/parse.py.
     - CVE-2019-10160
Checksums-Sha1:
 46315293c518e5384e7ddd5fe8fe9baabb7cfd3f 260456 idle-python3.6_3.6.8-1~18.04.2_all.deb
 92ae075b119c5946004747011b05286289b49768 10821732 libpython3.6-dbg_3.6.8-1~18.04.2_amd64.deb
 09430480598409364454c00409245a5cb66d7678 44803344 libpython3.6-dev_3.6.8-1~18.04.2_amd64.deb
 c87f97a4a2eaad682aa704099ae70fe79892f862 531876 libpython3.6-minimal_3.6.8-1~18.04.2_amd64.deb
 1ffb3d6e0b52fe194db9b8c6344756db53f5b151 1710388 libpython3.6-stdlib_3.6.8-1~18.04.2_amd64.deb
 71b9a704343e266080be5f1b79d2d40ff30eb00f 2764512 libpython3.6-testsuite_3.6.8-1~18.04.2_all.deb
 abae3e6035f33dab9ec45e74013763eeb7c56f78 1414228 libpython3.6_3.6.8-1~18.04.2_amd64.deb
 c28bb38b5ac033f973104910d60fce9da49540cf 14934912 python3.6-dbg_3.6.8-1~18.04.2_amd64.deb
 3decb3bb395c0aa185b03d5776023a0bb72d64e4 508164 python3.6-dev_3.6.8-1~18.04.2_amd64.deb
 e909811912bd3c9f0e2781221ab756c9d2ee0967 8972400 python3.6-doc_3.6.8-1~18.04.2_all.deb
 2fa73a7b0fa56e52e61b6ddbfcec4bc258dfd052 441444 python3.6-examples_3.6.8-1~18.04.2_all.deb
 c12977ef009f1d0bf5045209163e3884d3b66893 1609184 python3.6-minimal_3.6.8-1~18.04.2_amd64.deb
 7e1ba19eb2d48b10ff7de7898a9700a6bb9889e4 6184 python3.6-venv_3.6.8-1~18.04.2_amd64.deb
 09c7a6398e0856f7a844d676ed8a5900f40b8c97 14760 python3.6_3.6.8-1~18.04.2_amd64.buildinfo
 0a64ba2f0b3d9b1465465b1f67b6baa44fcc187d 201544 python3.6_3.6.8-1~18.04.2_amd64.deb
Checksums-Sha256:
 a7db51f17f1ef5cf0443d947e25e0ba34a14196be0ce1d6c85c49f3f88997dfb 260456 idle-python3.6_3.6.8-1~18.04.2_all.deb
 11eb8045d0808ef95ee864e9fd6a636378fc9d79636d1bfb057e80063fe976b8 10821732 libpython3.6-dbg_3.6.8-1~18.04.2_amd64.deb
 eaf9527199dab77bbff512611850ed727036dfeec8240196f1e1a5f249651554 44803344 libpython3.6-dev_3.6.8-1~18.04.2_amd64.deb
 eeebdf1ad49d1cddf14db847d5087838ee7d279102a144456fcd38e851aa0929 531876 libpython3.6-minimal_3.6.8-1~18.04.2_amd64.deb
 124c984fe8b211f535eb739186f2116b0e71baf45a0fefd8ed9452328c2ac3f6 1710388 libpython3.6-stdlib_3.6.8-1~18.04.2_amd64.deb
 2320f8b89d954c875c6d80c8c30d4dea6e6eed90fb43ddb3bbc56821006a0aa6 2764512 libpython3.6-testsuite_3.6.8-1~18.04.2_all.deb
 9f39792871ea9e3f87d576568bd575ff96d3d556bf146ee8dfccd89e653a699f 1414228 libpython3.6_3.6.8-1~18.04.2_amd64.deb
 4a55884f224396c2764d11d1319ed56a0a953312a61a0dc3fde0eccb89cc863a 14934912 python3.6-dbg_3.6.8-1~18.04.2_amd64.deb
 12a1e1067ecc5ab44354e4eea63dbd00ffcfdbd87374dda9e7375a4c5d865700 508164 python3.6-dev_3.6.8-1~18.04.2_amd64.deb
 27647b47875249d892662a81aa6f98e02066504308f717c780826c10982e98af 8972400 python3.6-doc_3.6.8-1~18.04.2_all.deb
 bc64f2ef559049c1e6bdb1f4d906d36a9b8c02158d06f2dba89f9de4e5df2650 441444 python3.6-examples_3.6.8-1~18.04.2_all.deb
 43667be868ddf57e1a92f5aafb0e970ee87e8467022866267405de9c109f339f 1609184 python3.6-minimal_3.6.8-1~18.04.2_amd64.deb
 a6689ffe104cb686b445362152558da891b1ed18ad482a32e8a4471cec0c0875 6184 python3.6-venv_3.6.8-1~18.04.2_amd64.deb
 59a73f3df70596b7cc700ed6888b58763e06114bf7e7fb2f271ed0b1a7e3dcc9 14760 python3.6_3.6.8-1~18.04.2_amd64.buildinfo
 c38574775b6f92a78a60d08cf0bf8ec7d783cf33d789c7cce4e4639e0e747c03 201544 python3.6_3.6.8-1~18.04.2_amd64.deb
Files:
 6aa622c9c4dbae647e762c2df45f2e63 260456 python optional idle-python3.6_3.6.8-1~18.04.2_all.deb
 add70710efc0a09e302359ef6e819062 10821732 debug optional libpython3.6-dbg_3.6.8-1~18.04.2_amd64.deb
 ed9954cbedc8a561c2b76039dc4c977d 44803344 libdevel optional libpython3.6-dev_3.6.8-1~18.04.2_amd64.deb
 d5f261989af17131defd05058008c7c7 531876 python optional libpython3.6-minimal_3.6.8-1~18.04.2_amd64.deb
 b1c80629e2cdd8db50587d497c1a2bd8 1710388 python optional libpython3.6-stdlib_3.6.8-1~18.04.2_amd64.deb
 f3d37116e7d62ef1fb1a093a38da705f 2764512 libdevel optional libpython3.6-testsuite_3.6.8-1~18.04.2_all.deb
 8bd191c281bb3d93011b91079b5ea1a2 1414228 libs optional libpython3.6_3.6.8-1~18.04.2_amd64.deb
 087c2bda4cb1903b1fdd83010943dd2d 14934912 debug optional python3.6-dbg_3.6.8-1~18.04.2_amd64.deb
 201ed266d41ef3dc2792a283beb65cde 508164 python optional python3.6-dev_3.6.8-1~18.04.2_amd64.deb
 11904471034889f69cd7959ca1a947fe 8972400 doc optional python3.6-doc_3.6.8-1~18.04.2_all.deb
 efc88f4f1ef1eae526262cefba9aa48d 441444 python optional python3.6-examples_3.6.8-1~18.04.2_all.deb
 0ad3211322f1ccb11209ddf08652e9e8 1609184 python optional python3.6-minimal_3.6.8-1~18.04.2_amd64.deb
 3b547f816413df495560d52aceee27b2 6184 python optional python3.6-venv_3.6.8-1~18.04.2_amd64.deb
 df9c58f235886aa192cda4ec4555a4bc 14760 python optional python3.6_3.6.8-1~18.04.2_amd64.buildinfo
 7dfa87c69ec1f63ad1266f91998d23be 201544 python optional python3.6_3.6.8-1~18.04.2_amd64.deb