Accepted python3.5 3.5.3-1+deb9u3 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 18 Nov 2020 16:09:16 -0500
Source: python3.5
Binary: python3.5 python3.5-venv libpython3.5-stdlib python3.5-minimal libpython3.5-minimal libpython3.5 python3.5-examples python3.5-dev libpython3.5-dev libpython3.5-testsuite idle-python3.5 python3.5-doc python3.5-dbg libpython3.5-dbg
Architecture: source
Version: 3.5.3-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Matthias Klose <doko@debian.org>
Changed-By: Roberto C. Sánchez <roberto@debian.org>
Description:
idle-python3.5 - IDE for Python (v3.5) using Tkinter
libpython3.5 - Shared Python runtime library (version 3.5)
libpython3.5-dbg - Debug Build of the Python Interpreter (version 3.5)
libpython3.5-dev - Header files and a static library for Python (v3.5)
libpython3.5-minimal - Minimal subset of the Python language (version 3.5)
libpython3.5-stdlib - Interactive high-level object-oriented language (standard library
libpython3.5-testsuite - Testsuite for the Python standard library (v3.5)
python3.5 - Interactive high-level object-oriented language (version 3.5)
python3.5-dbg - Debug Build of the Python Interpreter (version 3.5)
python3.5-dev - Header files and a static library for Python (v3.5)
python3.5-doc - Documentation for the high-level object-oriented language Python
python3.5-examples - Examples for the Python language (v3.5)
python3.5-minimal - Minimal subset of the Python language (version 3.5)
python3.5-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
python3.5 (3.5.3-1+deb9u3) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
.
[ Thorsten Alteholz ]
* CVE-2019-20907: In Lib/tarfile.py, an attacker is able to craft a TAR
archive leading to an infinite loop when opened by tarfile.open, because
_proc_pax lacks header validation
* CVE-2020-26116: http.client allows CRLF injection if the attacker controls
the HTTP request method
.
[ Roberto C. Sánchez ]
* Update expired SSL certificates in unit test suite.
Checksums-Sha1:
d29448db2ef829a3a2f2dfc25fe69100bf3cd1e2 3370 python3.5_3.5.3-1+deb9u3.dsc
1034496469036c2fbb407c900af5392bd3bec808 250516 python3.5_3.5.3-1+deb9u3.debian.tar.xz
950eb08bae287a19dca1018e4cdd015da19ea758 14140 python3.5_3.5.3-1+deb9u3_amd64.buildinfo
Checksums-Sha256:
5239b3f3e272d68fcb834dc59a34677988037817a45acbf88e3cace53e6af41d 3370 python3.5_3.5.3-1+deb9u3.dsc
112d70ba85641fa036753555c82a205403f18bfbeb6d48acee66a3f987d72552 250516 python3.5_3.5.3-1+deb9u3.debian.tar.xz
1581b909d8fd64224693dc0a87fd09adc5c70477f1350f27511ac3c1198d5500 14140 python3.5_3.5.3-1+deb9u3_amd64.buildinfo
Files:
1405791473306c4b7b02365e4616b080 3370 python optional python3.5_3.5.3-1+deb9u3.dsc
ce23dccdf0752a711b9fd422b0147626 250516 python optional python3.5_3.5.3-1+deb9u3.debian.tar.xz
07ae5573a1a3335b3a45bd7a0c32eee5 14140 python optional python3.5_3.5.3-1+deb9u3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEIYZ1DR4ae5UL01q7ldFmTdL1kUIFAl+1mS4ACgkQldFmTdL1
kUJ/2Q//YRoOgbtUxr7TIGt1Li+ZKFlGueQJPixLBn9bXF6qP4iyyOfsoTfLgci0
pA7YTuO1OPi2M6l29AGDqhPgi5URy8CE5sW1bxkxbvqBc74UKICtWal0XOn+S4IX
sITW6fQzvGIq+eJLE9xddoyyBrSVoh0lBuoHFNGIrJLIq/qt8yDaWPTWebvyrsft
UMW1wq/sB6Ur1X3J+NgvhTg+o7+PJT+IeWFXbMm2bv5/nYJwENCMNzKOzGBifHib
fDmDy8juUYvKR7WEPnAMe7Y9U/PKBD7trhnZFqTL4uxkXHTP7rX0CK8R1HADVbb7
71qiN9VpuT2euCFFN7QFn7m1UztdNjreTksul7VkbLdHk+Qlxrb8hJRaHTR25WYp
m4NrzszDm4t7/dv2N1UQ2CIyMh80kNCzcX9opDolq/0XKRFIYnjNDEmGB3ZOcs0K
CtLHJaLEyOJwEW4QrZ9H7MEb7SQo+WL4o/EGpw2Qzn+UZm0H1LDvr6PLGP7K2esw
77B8Hg6I47ps2gEadMoNRWZ1+Vjo9boKiTWp8DORtFylRwsgx5ZarqvN1utcaQtt
r0DFdID0KBQQA5LibfLzFK2/gSw0WBXnYxfOysqIkmE952RjFa0hfrr97vWDWvS/
cgrqG5OOyV96nstwJy42dde1LUjcw5Oexf1bfKjv3bO01Vte5SM=
=I9BT
-----END PGP SIGNATURE-----
Reply to: