Users need to upgrade the systems to correct the issues

Jun 25, 2015 15:38 GMT  ·  By

Canonical published details about a couple of Python vulnerabilities that had been found and corrected in its Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems.

Amidst discussions about the implementation of Python 3.5 in the latest Ubuntu systems, the maintainers have been quick to update the python2.7, python3.2, and python3.4 packages in the supported Ubuntu systems.

For example, "It was discovered that the Python CGIHTTPServer incorrectly handled URL-encoded path separators in URLs. A remote attacker could use this issue to expose sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS."

For a more detailed description of the problems, you can see Canonical's security notification. Users have been advised to upgrade their systems as soon as possible.

The flaws can be fixed if you upgrade your system(s) to the latest python packages specific to each distribution. To apply the patch, you can run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart is not needed and you can also use the terminal in order to upgrade the system. Just enter the following commands in a terminal near you:

code
sudo apt-get update
sudo apt-get dist-upgrade