Home / mailings [USN-7710-1] Python vulnerabilities
Posted on 22 August 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7710-1
August 21, 2025
python3.13, python3.12, python3.11, python3.10, python3.9, python3.8,
python3.7, python3.6, python3.5, python3.4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 25.04
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Python.
Software Description:
- python3.13: An interactive high-level object-oriented language
- python3.12: An interactive high-level object-oriented language
- python3.10: An interactive high-level object-oriented language
- python3.11: An interactive high-level object-oriented language
- python3.8: An interactive high-level object-oriented language
- python3.9: An interactive high-level object-oriented language
- python3.6: An interactive high-level object-oriented language
- python3.7: An interactive high-level object-oriented language
- python3.5: An interactive high-level object-oriented language
- python3.4: An interactive high-level object-oriented language
Details:
It was discovered that Python inefficiently parsed maliciously crafted HTML
input. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-6069)
It was discovered that Python incorrectly parsed maliciously crafted Tar
archives. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-8194)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libpython3.13 3.13.3-1ubuntu0.3
python3.13 3.13.3-1ubuntu0.3
Ubuntu 24.04 LTS
libpython3.12t64 3.12.3-1ubuntu0.8
python3.12 3.12.3-1ubuntu0.8
Ubuntu 22.04 LTS
libpython3.10 3.10.12-1~22.04.11
libpython3.11 3.11.0~rc1-1~22.04.1~esm5
Available with Ubuntu Pro
python3.10 3.10.12-1~22.04.11
python3.11 3.11.0~rc1-1~22.04.1~esm5
Available with Ubuntu Pro
Ubuntu 20.04 LTS
libpython3.8 3.8.10-0ubuntu1~20.04.18+esm2
Available with Ubuntu Pro
libpython3.9 3.9.5-3ubuntu0~20.04.1+esm6
Available with Ubuntu Pro
python3.8 3.8.10-0ubuntu1~20.04.18+esm2
Available with Ubuntu Pro
python3.9 3.9.5-3ubuntu0~20.04.1+esm6
Available with Ubuntu Pro
Ubuntu 18.04 LTS
idle-python3.8 3.8.0-3ubuntu1~18.04.2+esm6
Available with Ubuntu Pro
libpython3.6 3.6.9-1~18.04ubuntu1.13+esm6
Available with Ubuntu Pro
libpython3.7 3.7.5-2ubuntu1~18.04.2+esm7
Available with Ubuntu Pro
python3.6 3.6.9-1~18.04ubuntu1.13+esm6
Available with Ubuntu Pro
python3.7 3.7.5-2ubuntu1~18.04.2+esm7
Available with Ubuntu Pro
python3.8 3.8.0-3ubuntu1~18.04.2+esm6
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libpython3.5 3.5.2-2ubuntu0~16.04.13+esm19
Available with Ubuntu Pro
python3.5 3.5.2-2ubuntu0~16.04.13+esm19
Available with Ubuntu Pro
Ubuntu 14.04 LTS
libpython3.4 3.4.3-1ubuntu1~14.04.7+esm16
Available with Ubuntu Pro
libpython3.5 3.5.2-2ubuntu0~16.04.4~14.04.1+esm7
Available with Ubuntu Pro
python3.4 3.4.3-1ubuntu1~14.04.7+esm16
Available with Ubuntu Pro
python3.5 3.5.2-2ubuntu0~16.04.4~14.04.1+esm7
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7710-1
CVE-2025-6069, CVE-2025-8194
Package Information:
https://launchpad.net/ubuntu/+source/python3.13/3.13.3-1ubuntu0.3
https://launchpad.net/ubuntu/+source/python3.12/3.12.3-1ubuntu0.8
--===============6980868447404499657==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
