Back to python3.7 PTS page

Accepted python3.7 3.7.3-2+deb10u6 (source) into oldoldstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 Oct 2023 10:51:27 +0100
Source: python3.7
Architecture: source
Version: 3.7.3-2+deb10u6
Distribution: buster-security
Urgency: high
Maintainer: Matthias Klose <doko@debian.org>
Changed-By: Sean Whitton <spwhitton@spwhitton.name>
Changes:
 python3.7 (3.7.3-2+deb10u6) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2022-48560: Use-after-free via heappushpop in heapq.
   * CVE-2022-48564: Potential DoS in read_ints in plistlib.py.
   * CVE-2022-48565: Avoid XML External Entity (XXE) issues by rejecting
     entity declarations in XML plist files in plistlib.
   * CVE-2022-48566: Avoid some possible constant-time-defeating compiler
     optimisations in the accumulator variable in hmac.compare_digest.
   * CVE-2023-40217: Fix possible bypass of some of the protections
     implemented by the TLS handshake in ssl.SSLSocket class.
     - Also apply two upstream commits to stabilise the test suite.
Checksums-Sha1:
 42450647dc2c0672b05b6bd8c16808430a5adb15 3441 python3.7_3.7.3-2+deb10u6.dsc
 a57b7d218ecf0499f7637d976ebb7ca9bff4f6be 249688 python3.7_3.7.3-2+deb10u6.debian.tar.xz
 51cb58f11820d3d85fb27bb0cb9a5b98ac36eb35 8707 python3.7_3.7.3-2+deb10u6_source.buildinfo
Checksums-Sha256:
 c4135134f704d53eba2c9a5c707268c259ef8631946797d53c8b0070335eb72c 3441 python3.7_3.7.3-2+deb10u6.dsc
 b4451d2bb09ee7c07cd82ea0366aecf7f6b73da3ddd6fa263c3ba0437b6c7348 249688 python3.7_3.7.3-2+deb10u6.debian.tar.xz
 d3fffa7b967c6604777bf90dbc4703f93d414146110cc332c57d4744bf356b9b 8707 python3.7_3.7.3-2+deb10u6_source.buildinfo
Files:
 2a87f4a0a696fc9511f7756350442f0c 3441 python optional python3.7_3.7.3-2+deb10u6.dsc
 fe14e390737aa8fbf98d8221b31797e1 249688 python optional python3.7_3.7.3-2+deb10u6.debian.tar.xz
 4bce65bb543317462b02d5d78b5b8815 8707 python optional python3.7_3.7.3-2+deb10u6_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJNBAEBCgA3FiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmUm7Q8ZHHNwd2hpdHRv
bkBzcHdoaXR0b24ubmFtZQAKCRBpW3rkvwZiQLJhD/wIRCtW/OnaMcLYbi5iKl9T
2q2onPkhbHwx8GnbneoowPqBYk5ePuY/+sSgmZ3MVn+Sk55NooNUK3mlxuyav72R
xAXRMlNr5k3a+zsUBt+f6/Yrjs2Fq2x+6Y0Z9AYcVoqGeHdhGg1eGBjbAEGaGqG+
jUHGL1uU++QDlAZ8/+s+tA6E/suZ9LJSL+M6A9/YnL9QAPUgeeAuJtkx5DuKiNb+
DPNgGrw5T5HmmIU+zFMM7rFFYF/oDLkuq9LXONabSxRO2+Vn/9E34xIjAbGUjRZd
xSmSW8nvwC2LoE55aG7gBnaF8LYkusEv6gYTUKbb3W7pJCgS6Fe2bVnwjk5O2Vk4
0AzM5UKxOK0sEqs/X3/PZADy4JjHz3f/7gCw7dVYCJx1NCP4+X+/pVYJzjsj0Npl
c29IzwrZrrYHecmPHczS+sIlxfCqhStjZUgKDgejPVdUfkqW4k1hagSOsDwoDO9B
ZVCYF7u51TSSqlS1GeHx9OS4vDzXqYJPNQsWw/RULOFIW4uuJDSydIElHFYskA71
aXjCvyxj8KrA7qrbH4kdF6RK1NgLOHeY/QOjzBcA02v49XoQXRboMEYYYpQ7HK0N
6APp7s0DANR0T3Qpn3lG+ZqsmJt1KKoSEFTDV7J5JLwtcLGm7KenWn32wZQDKwtz
CnDkx4kc9qlB0B8pd7G9rg==
=3cA1
-----END PGP SIGNATURE-----