[ubuntu/oracular-security] python3.12 3.12.7-1ubuntu2.1 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Mon Jun 16 12:05:20 UTC 2025
python3.12 (3.12.7-1ubuntu2.1) oracular-security; urgency=medium
* SECURITY UPDATE: DoS via bytes.decode with unicode_escape
- debian/patches/CVE-2025-4516.patch: fix use-after-free in the
unicode-escape decoder with an error handler in
Include/internal/pycore_bytesobject.h,
Include/internal/pycore_unicodeobject.h,
Lib/test/test_codeccallbacks.py, Lib/test/test_codecs.py,
Objects/bytesobject.c, Objects/unicodeobject.c,
Parser/string_parser.c.
- CVE-2025-4516
Date: 2025-05-27 14:56:31.436411+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
https://launchpad.net/ubuntu/+source/python3.12/3.12.7-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list