You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa python3

Sigurnosni nedostaci programskog paketa python3

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2019-05-17 01:03:28.819325

Name : python3
Product : Fedora 30
Version : 3.7.3
Release : 3.fc30
Summary : Interpreter of the Python programming language
Description :
Python is an accessible, high-level, dynamically typed, interpreted programming
language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.

The python3 package provides the “python3” executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3-libs package,
which should be installed automatically along with python3.
The remaining parts of the Python standard library are broken out into the
python3-tkinter and python3-test packages, which may need to be installed

Documentation for Python is provided in the python3-docs package.

Packages containing additional libraries for Python are generally named with
the “python3-” prefix.

Update Information:

Security fix for CVE-2019-9740 and CVE-2019-9947. Fix a regression introduced by
the fix for CVE-2019-9636. Add manual page link for python3.7m.

* Tue May 7 2019 Charalampos Stratakis <> – 3.7.3-3
– Fix handling of pre-normalization characters in urlsplit
– Disallow control chars in http URLs (#1695572, #1700684, #1688169, #1706851)
* Wed Apr 17 2019 Patrik Kopkan <> – 3.7.3-2
– Makes man python3.7m show python3.7 man pages (#1612241)

[ 1 ] Bug #1688169 – CVE-2019-9740 python: improper neutralization of CRLF sequences in urllib module
[ 2 ] Bug #1695572 – CVE-2019-9947 python: improper neutralization of CRLF sequences in urllib module

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2019-1ffd6b6064’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorZvonimir Bosnjak
Cert idNCERT-REF-2019-05-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa java-1.8.0-ibm

Otkriveni su kritični sigurnosni nedostaci u programskom paketu java-1.8.0-ibm za operacijski sustav RHEL. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog...