| Package | python3.4 |
|---|---|
| Version | 3.4.2-1+deb8u9 |
| Related CVEs | CVE-2019-20907 CVE-2020-26116 |
Two issues have been found in Python 3.4, an interactive high-level object-oriented language.
CVE-2019-20907 Avoid infinite loop with crafted tar file by improving header validation.
CVE-2020-26116 Avoid injection of HTTP headers via the HTTP method without rejecting newline characters.
For Debian 8 jessie, these problems have been fixed in version 3.4.2-1+deb8u9.
We recommend that you upgrade your python3.4 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.