-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 04 Nov 2021 20:59:10 +0530 Source: python3.5 Architecture: source Version: 3.5.3-1+deb9u5 Distribution: stretch-security Urgency: high Maintainer: Matthias Klose <doko@debian.org> Changed-By: Utkarsh Gupta <utkarsh@debian.org> Changes: python3.5 (3.5.3-1+deb9u5) stretch-security; urgency=high . * Non-maintainer upload by the LTS Security Team. * Add patch to fix http client infinite line reading (DoS) after a HTTP 100 Continuefix. (Fixes: CVE-2021-3737) * Add patch to fix ReDoS in urllib AbstractBasicAuthHandler. (Fixes: CVE-2021-3733) Checksums-Sha1: 319c8e55f70ad77d6534d149d0b1d1940e2edf25 3383 python3.5_3.5.3-1+deb9u5.dsc 127121fdca11e735b3686e300d66f73aba663e93 15213396 python3.5_3.5.3.orig.tar.xz 23a5106f47ac5dd1ce762279ccbd88c1dc0f0421 257608 python3.5_3.5.3-1+deb9u5.debian.tar.xz 5d73c1f84961a214dc6a5c8ae05153118edcda4d 7449 python3.5_3.5.3-1+deb9u5_source.buildinfo Checksums-Sha256: c701944d1065c458c60229b71fe41c602f49c43fc1ab5c30bf9dbdce64daca2c 3383 python3.5_3.5.3-1+deb9u5.dsc eefe2ad6575855423ab630f5b51a8ef6e5556f774584c06beab4926f930ddbb0 15213396 python3.5_3.5.3.orig.tar.xz 6c94c0367519694f4f5a86d144ea34072704e00fe07061ebabbf5ad79a62b7c4 257608 python3.5_3.5.3-1+deb9u5.debian.tar.xz c3c8c98df616abd807e1e118be32070fbe1093eef7d947ddaac042d201eef27a 7449 python3.5_3.5.3-1+deb9u5_source.buildinfo Files: e5c97394d3ae865e59bd8ff4f3ad735a 3383 python optional python3.5_3.5.3-1+deb9u5.dsc 57d1f8bfbabf4f2500273fb0706e6f21 15213396 python optional python3.5_3.5.3.orig.tar.xz 9d799bdd5f40712e8748f7ad60b1b9af 257608 python optional python3.5_3.5.3-1+deb9u5.debian.tar.xz 3821bc628ff12f4043746cce832e22a7 7449 python optional python3.5_3.5.3-1+deb9u5_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJHBAEBCAAxFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmGEBxgTHHV0a2Fyc2hA ZGViaWFuLm9yZwAKCRCCPpZ2BsNLltf2D/4x1wdOxgONOc7+k8GjJ2yycdOs/+Lm EypvYWINCmGMZF7Ct5+loGLDIMuyDknUw4rvVT+suV0+3SmnIw4KWnid2wHJmK0R yErM+eSlJDG9I+r0ER3TGjC/mlpw7HonvXG3ywr1TqqpWQHimTaNQ2vYe8bLL2NR YupjH0eQ9r2wUaVT6kq3cL/qh6DJUgvuTS1PQG4kWqV1/tgqyhUOutqdajHkRPLM 9N/tO84O6TF9sLtgYL7VRkxDYQXnjgl5O/CckpYyiUDrldPXDeYNuI98vugdh7eS wdAQKsi1fhfPJOm2dtSvCBELvcHtMz4+SfwdiqTe9KeqxgYha57uuBWAWL0PN8Nb 5Ez0dN5tZDTbmkworuwymhz55sfnEixr1JuAz56bEYDGVoLrDHudM/Rp4HIVt4ie 0idhBDFWsUM2TnUZ7pPjXMQetYULtbJEjXQTjSpdafWnydSti3j1zCdq8L+6dESA E//KUkhDq8rYUA259cgHIaWUgdEPDkjM3I+iyGYstklp6zo5xEQ+E5egZ2fVr2SY tvokpmmyZid5yx04aH2n72io2fOS9xUjM5Krgp07UqFlKbR7iiuulWg5qDx+eKP8 Fts/swIyJ82narjV5gFoEe87M/JjczLZADXRJbMhAcJ2llwnuhz08BC7Myi3JHY4 xMPdQSl3xFi/2w== =dhzz -----END PGP SIGNATURE-----