-----BEGIN PGP SIGNATURE-----
wsD5BAABCAAjFiEEkd98mdFcnQdP7vQkuGrtzot7pOcFAmdfh4MFAwAAAAAACgkQuGrtzot7pOdj
mAv7Bl7ustUnjfim/ntRrr4EKAducClI8JVTk24FzyBrAAXb1/b/Nk/yZ7ac0UfD4rCFqQuaPThL
ZMzHqKIBHNxOPLGhRP3wT+XCahvOWr4ncSD7P/fVOSYRnwfrTvoKl23ap5x0tUTx1i3oigu+uYCl
VZC23hsosBmSEN44FYpo6KPtw5WydZ8g8OrkBxUO0JUbyA5/On5Mhwm1oDTOdThwXXvnw0uqSjb/
1l6wvXDJ7Kj/orRj1K3uXc01mb1vHebYCwLmgTF1TC6Nj8Db20s/YEgW9ZkCgtNEi5OqauqBv0KM
lf9J7UHB3iEiGghVF+NnFyvsxo9hnOMHVszQTRku/YTLyq4y6o3fXhzT5vl44m/4SyuEgr0PLNPZ
6HzEIFei8oW2J1hgyo0Usu8GD/0hgUejPPOAzmy9+C8zv6bMnYH/z0dHJlhuItUlht0yNcVEaKJX
xJ31nkv/DubRnOBL27q5d/fB6+9J11J3jso97W+Df2NlEkV6oBKJNi5+on3g
=l+cr
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7160-1
December 15, 2024
mpmath vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Mpmath could be made to crash if it opened a specially crafted
file.
Software Description:
- mpmath: library for arbitrary-precision floating-point arithmetic
Details:
It was discovered Mpmath incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause Mpmath to consume
resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
python3-mpmath 1.1.0-2ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
python-mpmath 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-mpmath 1.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
python-mpmath 0.19-3ubuntu0.1~esm1
Available with Ubuntu Pro
python3-mpmath 0.19-3ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7160-1
CVE-2021-29063
No comments:
Post a Comment