Format: 1.8
Date: Tue, 20 Aug 2019 13:12:48 -0400
Source: python3.6
Binary: python3.6 python3.6-venv libpython3.6-stdlib python3.6-minimal libpython3.6-minimal libpython3.6 python3.6-examples python3.6-dev libpython3.6-dev libpython3.6-testsuite idle-python3.6 python3.6-doc python3.6-dbg libpython3.6-dbg
Architecture: arm64
Version: 3.6.8-1~18.04.2
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-075.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 idle-python3.6 - IDE for Python (v3.6) using Tkinter
 libpython3.6 - Shared Python runtime library (version 3.6)
 libpython3.6-dbg - Debug Build of the Python Interpreter (version 3.6)
 libpython3.6-dev - Header files and a static library for Python (v3.6)
 libpython3.6-minimal - Minimal subset of the Python language (version 3.6)
 libpython3.6-stdlib - Interactive high-level object-oriented language (standard library
 libpython3.6-testsuite - Testsuite for the Python standard library (v3.6)
 python3.6  - Interactive high-level object-oriented language (version 3.6)
 python3.6-dbg - Debug Build of the Python Interpreter (version 3.6)
 python3.6-dev - Header files and a static library for Python (v3.6)
 python3.6-doc - Documentation for the high-level object-oriented language Python
 python3.6-examples - Examples for the Python language (v3.6)
 python3.6-minimal - Minimal subset of the Python language (version 3.6)
 python3.6-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.6 (3.6.8-1~18.04.2) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: incorrect cookie domain check
     - debian/patches/CVE-2018-20852.patch: prefix dot in domain for proper
       subdomain validation in Lib/http/cookiejar.py,
       Lib/test/test_http_cookiejar.py.
     - CVE-2018-20852
   * SECURITY UPDATE: NULL pointer dereference via X509 certificate
     - debian/patches/CVE-2019-5010.patch: fix segfault in ssl cert parser
       in Lib/test/talos-2019-0758.pem, Lib/test/test_ssl.py,
       Modules/_ssl.c.
     - CVE-2019-5010
   * SECURITY UPDATE: improper handling of unicode encoding
     - debian/patches/CVE-2019-9636.patch: add check for characters in
       netloc that normalize to separators in Doc/library/urllib.parse.rst,
       Lib/test/test_urlparse.py, Lib/urllib/parse.py.
     - CVE-2019-9636
   * SECURITY UPDATE: HTTP header injection
     - debian/patches/CVE-2019-9740.patch: disallow control chars in http
       URLs in Lib/http/client.py, Lib/test/test_urllib.py,
       Lib/test/test_xmlrpc.py.
     - CVE-2019-9740
     - CVE-2019-9947
   * SECURITY UPDATE: urllib support the local_file: scheme
     - debian/patches/CVE-2019-9948.patch: disallow file reading in
       Lib/urllib/request.py, Lib/test/test_urllib.py.
     - CVE-2019-9948
   * SECURITY UPDATE: incomplete fix for CVE-2019-9636
     - debian/patches/CVE-2019-10160-1.patch: fix handling of
       pre-normalization characters in urlsplit() in
       Lib/test/test_urlparse.py, Lib/urllib/parse.py.
     - debian/patches/CVE-2019-10160-2.patch: correct fix to handle
       decomposition in usernames in Lib/test/test_urlparse.py,
       Lib/urllib/parse.py.
     - CVE-2019-10160
Checksums-Sha1:
 242eb328ce736cd898410c62df06952748de5722 10543968 libpython3.6-dbg_3.6.8-1~18.04.2_arm64.deb
 cad5658231603dcde5709868dcbc5c943c257ba1 2249900 libpython3.6-dev_3.6.8-1~18.04.2_arm64.deb
 a95e5d978e6cc44444dd04ad7c4114c6af5a1084 527296 libpython3.6-minimal_3.6.8-1~18.04.2_arm64.deb
 7062e9aa414f7e5aa27ea98435ca1cd29a84a574 1611456 libpython3.6-stdlib_3.6.8-1~18.04.2_arm64.deb
 988468f1f149bc0285e425afbd400363e1f086d2 1295844 libpython3.6_3.6.8-1~18.04.2_arm64.deb
 ac031c0707edc168e2ffabb32cbdbe427557d219 14196056 python3.6-dbg_3.6.8-1~18.04.2_arm64.deb
 720bd8abbd1a172c52c6984546b5f7ba0426c0e3 508644 python3.6-dev_3.6.8-1~18.04.2_arm64.deb
 f46d1dc96675efa89d491f8438a2dc0d43a9a7b2 1283172 python3.6-minimal_3.6.8-1~18.04.2_arm64.deb
 55b74d53e862ecdccc480d0eeef7276647f62a44 6184 python3.6-venv_3.6.8-1~18.04.2_arm64.deb
 a8da4215b98f8c366092ec37127fa5b9f837d960 12262 python3.6_3.6.8-1~18.04.2_arm64.buildinfo
 f9ecfd00d4737518ba622e8f6d784c193d9ca840 201544 python3.6_3.6.8-1~18.04.2_arm64.deb
Checksums-Sha256:
 a92f25e0a6ce76d39ec7e50544ae17606fc20fe35e534d8dda48b00546621fc4 10543968 libpython3.6-dbg_3.6.8-1~18.04.2_arm64.deb
 f041f00c1bb78035c701fd0bce7f2c65438278f0f048f15f896a82d9f62ae954 2249900 libpython3.6-dev_3.6.8-1~18.04.2_arm64.deb
 fdcfaf3446eb06736837ca7b87c47ae378deb4f66b61518b372972cbe8e32559 527296 libpython3.6-minimal_3.6.8-1~18.04.2_arm64.deb
 ed2b8ae08fd3d11dc40d59677d0120386cc5318460f190a1ca7404bd20351b21 1611456 libpython3.6-stdlib_3.6.8-1~18.04.2_arm64.deb
 8b0afbc5a65099d3ea7e191eebaacef9fd7fce2f7f84e3fc57d279edf072f8f2 1295844 libpython3.6_3.6.8-1~18.04.2_arm64.deb
 07487d4408fafe6e95c97df91793cd82890ab6f9808c1e4695a65118c1d5678e 14196056 python3.6-dbg_3.6.8-1~18.04.2_arm64.deb
 9fad4957268e73185c0b5ac79c2993a516ed417ab101634dc1cb6f5c67021cf6 508644 python3.6-dev_3.6.8-1~18.04.2_arm64.deb
 8140c306c29b57d1831bfd6ecb4791bfd9ba61a13cf96f93d0e6e7ce9b89bb1b 1283172 python3.6-minimal_3.6.8-1~18.04.2_arm64.deb
 92df02fa87adfe210172274f9498b7a44d014b3f9005aedde819526b9f675474 6184 python3.6-venv_3.6.8-1~18.04.2_arm64.deb
 1a4261dbcf032e92fb191b0f31f98a5ab5b7ebd6197c578b69ef81fa990ce00f 12262 python3.6_3.6.8-1~18.04.2_arm64.buildinfo
 ab2466fb20cd9a5b13a4b3e0cfa6a756bda73185e1c2b43b1e568e5440da9978 201544 python3.6_3.6.8-1~18.04.2_arm64.deb
Files:
 d782448100c6ed27c1a5e7354a6b7301 10543968 debug optional libpython3.6-dbg_3.6.8-1~18.04.2_arm64.deb
 34761ef74a79981269886321d1d9aa05 2249900 libdevel optional libpython3.6-dev_3.6.8-1~18.04.2_arm64.deb
 a108458c67d1896d2fe464dc19e6db3c 527296 python optional libpython3.6-minimal_3.6.8-1~18.04.2_arm64.deb
 bb9df4c2e7b5d967ee1ce8aa16648100 1611456 python optional libpython3.6-stdlib_3.6.8-1~18.04.2_arm64.deb
 ff24ae088eb240ef381a6a5d4464e9d3 1295844 libs optional libpython3.6_3.6.8-1~18.04.2_arm64.deb
 a711786e29bc7a96b3b767849679444e 14196056 debug optional python3.6-dbg_3.6.8-1~18.04.2_arm64.deb
 16037a757ac1d034cd39b272ca243ce9 508644 python optional python3.6-dev_3.6.8-1~18.04.2_arm64.deb
 fa25d477e770d0431b76b3495b0ba13d 1283172 python optional python3.6-minimal_3.6.8-1~18.04.2_arm64.deb
 3c85c91a20e53e7dda833396276054f0 6184 python optional python3.6-venv_3.6.8-1~18.04.2_arm64.deb
 3a058be361820c5f79aaf7402b2acfeb 12262 python optional python3.6_3.6.8-1~18.04.2_arm64.buildinfo
 aa3666c89cff59454cc06430d1c29845 201544 python optional python3.6_3.6.8-1~18.04.2_arm64.deb