[CLSA-2025:1742379028] Fix CVE(s): CVE-2024-11168, CVE-2024-4032, CVE-2025-0938
Type:
security
Severity:
Moderate
Release date:
2025-03-19 10:10:33 UTC
Description:
* SECURITY UPDATE: Improper validation of bracketed hosts in urllib - debian/patches/CVE-2024-11168.patch: add checks to ensure that bracketed hosts found by urlsplit are of IPv6 or IPvFuture format - CVE-2024-11168 * SECURITY UPDATE: Incomplete validation of bracketed hosts in urllib - debian/patches/CVE-2025-0938.patch: disallow square brackets (`[` and `]`) in domain names for parsed URLs - CVE-2025-0938 * SECURITY UPDATE: Incorrent information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private” in ipaddress module - debian/patches/CVE-2024-4032.patch: fix "private" (non-global) IP address ranges - CVE-2024-4032
Updated packages:
  • idle-python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb
    sha:261001ccee00441aba5f6248b4007c993dfb8451
  • libpython3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:3fa5a4fbf0368ddcdc1b93d83ee265028e4a5afc
  • libpython3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:63ce68a8ceb8eeca73e30e51efbb07fe9b9abc16
  • libpython3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:88ded98c931aa00de890916a54dd8193673a4118
  • libpython3.5-stdlib_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:430fec4662ab1aad803c71393bf8f9bd71f86fb5
  • libpython3.5-testsuite_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb
    sha:0865460480df741db55f832f8d5a3ec94eeea2e9
  • python3.5_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:9515aa240afa39088caf4e7d6056c9fbb84accdc
  • python3.5-dev_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:d5e597257a00045dcb6564fa5c50d6aeb64ecffb
  • python3.5-doc_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb
    sha:31f0eaa04660e878bb470218b97b5049069d7f3e
  • python3.5-examples_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_all.deb
    sha:ba313fa15c7c3e01c8153fe223e67df2a551d5dc
  • python3.5-minimal_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:edaa88d70963700ced34327603ecafb934711064
  • python3.5-venv_3.5.2-2ubuntu0~16.04.13+tuxcare.els19_amd64.deb
    sha:b6fd34db1463a97eaf44f9ee5383d74bdf7c68b1
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.