| Errata ID | 605 |
|---|---|
| Date | 2019-02-27 |
| Source package | python3.4 |
| Fixed in version | 3.4.2-1+deb8u2 |
| Description | This update addresses the following issues: * Check for StartTLS failure (CVE-2016-0772) * Fix integer overflow in the get_data (CVE-2016-5636) * Fix CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib (CVE-2016-5699) * Fix Modules/_pickle.c integer overflow (CVE-2018-20406) * Fix NULL pointer dereference using a specially crafted X509 certificate (CVE-2019-5010) |
| Additional notes | |
| CVE ID | CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 CVE-2018-20406 CVE-2019-5010 |
| UCS Bug number | #48767 |
