| Package | python3.5 |
|---|---|
| Version | 3.5.3-1+deb9u7 (stretch) |
| Related CVEs | CVE-2015-20107 CVE-2021-4189 CVE-2022-45061 |
Several vulnerabilities were fixed in the Python3 interpreter.
CVE-2015-20107
The mailcap module did not add escape characters into commands discovered in the system mailcap file.
CVE-2021-4189
Make ftplib not trust the PASV response.
CVE-2022-45061
Quadratic time in the IDNA decoder.
For Debian 9 stretch, these problems have been fixed in version 3.5.3-1+deb9u7.
We recommend that you upgrade your python3.5 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.