Format: 1.8
Date: Tue, 20 Aug 2019 13:12:48 -0400
Source: python3.6
Binary: python3.6 python3.6-venv libpython3.6-stdlib python3.6-minimal libpython3.6-minimal libpython3.6 python3.6-examples python3.6-dev libpython3.6-dev libpython3.6-testsuite idle-python3.6 python3.6-doc python3.6-dbg libpython3.6-dbg
Architecture: armhf
Version: 3.6.8-1~18.04.2
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-077.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 idle-python3.6 - IDE for Python (v3.6) using Tkinter
 libpython3.6 - Shared Python runtime library (version 3.6)
 libpython3.6-dbg - Debug Build of the Python Interpreter (version 3.6)
 libpython3.6-dev - Header files and a static library for Python (v3.6)
 libpython3.6-minimal - Minimal subset of the Python language (version 3.6)
 libpython3.6-stdlib - Interactive high-level object-oriented language (standard library
 libpython3.6-testsuite - Testsuite for the Python standard library (v3.6)
 python3.6  - Interactive high-level object-oriented language (version 3.6)
 python3.6-dbg - Debug Build of the Python Interpreter (version 3.6)
 python3.6-dev - Header files and a static library for Python (v3.6)
 python3.6-doc - Documentation for the high-level object-oriented language Python
 python3.6-examples - Examples for the Python language (v3.6)
 python3.6-minimal - Minimal subset of the Python language (version 3.6)
 python3.6-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.6 (3.6.8-1~18.04.2) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: incorrect cookie domain check
     - debian/patches/CVE-2018-20852.patch: prefix dot in domain for proper
       subdomain validation in Lib/http/cookiejar.py,
       Lib/test/test_http_cookiejar.py.
     - CVE-2018-20852
   * SECURITY UPDATE: NULL pointer dereference via X509 certificate
     - debian/patches/CVE-2019-5010.patch: fix segfault in ssl cert parser
       in Lib/test/talos-2019-0758.pem, Lib/test/test_ssl.py,
       Modules/_ssl.c.
     - CVE-2019-5010
   * SECURITY UPDATE: improper handling of unicode encoding
     - debian/patches/CVE-2019-9636.patch: add check for characters in
       netloc that normalize to separators in Doc/library/urllib.parse.rst,
       Lib/test/test_urlparse.py, Lib/urllib/parse.py.
     - CVE-2019-9636
   * SECURITY UPDATE: HTTP header injection
     - debian/patches/CVE-2019-9740.patch: disallow control chars in http
       URLs in Lib/http/client.py, Lib/test/test_urllib.py,
       Lib/test/test_xmlrpc.py.
     - CVE-2019-9740
     - CVE-2019-9947
   * SECURITY UPDATE: urllib support the local_file: scheme
     - debian/patches/CVE-2019-9948.patch: disallow file reading in
       Lib/urllib/request.py, Lib/test/test_urllib.py.
     - CVE-2019-9948
   * SECURITY UPDATE: incomplete fix for CVE-2019-9636
     - debian/patches/CVE-2019-10160-1.patch: fix handling of
       pre-normalization characters in urlsplit() in
       Lib/test/test_urlparse.py, Lib/urllib/parse.py.
     - debian/patches/CVE-2019-10160-2.patch: correct fix to handle
       decomposition in usernames in Lib/test/test_urlparse.py,
       Lib/urllib/parse.py.
     - CVE-2019-10160
Checksums-Sha1:
 3735a92e32719e10e6be4cb4752f20a4a69487f1 10084804 libpython3.6-dbg_3.6.8-1~18.04.2_armhf.deb
 d200204fdf5713bbced3ad75233799ab1b8a90fc 43708632 libpython3.6-dev_3.6.8-1~18.04.2_armhf.deb
 24dc79d37a139f1e062abef60c7c8d117fa3c79c 523688 libpython3.6-minimal_3.6.8-1~18.04.2_armhf.deb
 9ae101d1c2ce41edd29241b8a81a396a231208db 1635264 libpython3.6-stdlib_3.6.8-1~18.04.2_armhf.deb
 1346f922b4b87d2c1b93451c3705329fce32e99d 1208964 libpython3.6_3.6.8-1~18.04.2_armhf.deb
 efbe4a2861f31b16a2a038e6c4b330f6d6c6f817 13879004 python3.6-dbg_3.6.8-1~18.04.2_armhf.deb
 2040bab3787ad3d9f5d878e7683eb981630bb49f 508952 python3.6-dev_3.6.8-1~18.04.2_armhf.deb
 884d999ca2113db1b2ec293b6a31f8b9ee0d661f 1342636 python3.6-minimal_3.6.8-1~18.04.2_armhf.deb
 e8a8a277d5a2a7c7402d605234c68e03a8fd5bda 6184 python3.6-venv_3.6.8-1~18.04.2_armhf.deb
 68a4026b815bd2b0c49ba54cb646bc13ded8c85f 12226 python3.6_3.6.8-1~18.04.2_armhf.buildinfo
 824c0358a03811a2234889077dcf3ad7a3426860 201544 python3.6_3.6.8-1~18.04.2_armhf.deb
Checksums-Sha256:
 bc86b665a9bc2bcda55bba8e26fdeb87632c4011621981dcd2e8a47ad65787ba 10084804 libpython3.6-dbg_3.6.8-1~18.04.2_armhf.deb
 8ad074cd63a1cdf3e3d27861d92c5ffe98d1b041d410f5072993e7b6d4daf162 43708632 libpython3.6-dev_3.6.8-1~18.04.2_armhf.deb
 8516d059def023bbc523213430936c9c31e8e03ca5f6a53618652ad00f47c109 523688 libpython3.6-minimal_3.6.8-1~18.04.2_armhf.deb
 a4d00c19cd4c8f470fdb1ab15f954c7d488b43295fcbdae1c28530b1a0a2e7da 1635264 libpython3.6-stdlib_3.6.8-1~18.04.2_armhf.deb
 90daee352573341f3ef67b1997ff573110eb68776e01a3d1fffe642afd72652e 1208964 libpython3.6_3.6.8-1~18.04.2_armhf.deb
 d554e30a0bbae9a961e4722b5ad8166712899a891f39afb26882bff2b92bcf7b 13879004 python3.6-dbg_3.6.8-1~18.04.2_armhf.deb
 7689e0a7cd677e01d3bb76a9fac119a320efacbcde3f68bf51b320d84efddfc6 508952 python3.6-dev_3.6.8-1~18.04.2_armhf.deb
 7f6656c8c0275fdfea694b14ae9a02cbbb903a98d8ed137960f8aa3d5f6907fb 1342636 python3.6-minimal_3.6.8-1~18.04.2_armhf.deb
 56a383796e464a7271811b67f3a712bc7150ea182bc47a24f050b645883f7fb0 6184 python3.6-venv_3.6.8-1~18.04.2_armhf.deb
 551f281c5e29a5bbcdf26e4c26e17003b7039e753f96baca71e82f5b8b6ff9c2 12226 python3.6_3.6.8-1~18.04.2_armhf.buildinfo
 4235ca02cb6d51b57d430e2826149f936ac7c05b6c8c4302f992aa68c30ded9b 201544 python3.6_3.6.8-1~18.04.2_armhf.deb
Files:
 6f69e225d4fd0da0c49344d3b95543ee 10084804 debug optional libpython3.6-dbg_3.6.8-1~18.04.2_armhf.deb
 830dfff35087d00408dfcaab0836911d 43708632 libdevel optional libpython3.6-dev_3.6.8-1~18.04.2_armhf.deb
 e4357c2a92f1a9a054a5bef05e4a9080 523688 python optional libpython3.6-minimal_3.6.8-1~18.04.2_armhf.deb
 6be81d17fbd039a8dbd2f58d8ca760fa 1635264 python optional libpython3.6-stdlib_3.6.8-1~18.04.2_armhf.deb
 1f44264783e5dc6c4c4a650411d4958d 1208964 libs optional libpython3.6_3.6.8-1~18.04.2_armhf.deb
 f861f69c94ecad9a813231bb6f396f79 13879004 debug optional python3.6-dbg_3.6.8-1~18.04.2_armhf.deb
 bac4cd21e01016692e7cc7ca57e9e052 508952 python optional python3.6-dev_3.6.8-1~18.04.2_armhf.deb
 36df3f905ee754a8e29076f17e9b275e 1342636 python optional python3.6-minimal_3.6.8-1~18.04.2_armhf.deb
 11c437a1ba368f290e47c6688d2ee2fa 6184 python optional python3.6-venv_3.6.8-1~18.04.2_armhf.deb
 337b2e8d92178caa0f1bb4acc4285438 12226 python optional python3.6_3.6.8-1~18.04.2_armhf.buildinfo
 7a11ffdaaed2cb725893309fa4e7f194 201544 python optional python3.6_3.6.8-1~18.04.2_armhf.deb