Register | Log in

python3.4

Choose email to subscribe with

general

source: python3.4 (updates)
version: 3.4.2-1+deb8u5
maintainer: Matthias Klose [DMD]
arch: all any
std-ver: 3.9.6
VCS: Bazaar (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.4.2-1
o-o-sec: 3.4.2-1+deb8u5

versioned links

3.4.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.4.2-1+deb8u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

idle-python3.4
libpython3.4
libpython3.4-dbg
libpython3.4-dev
libpython3.4-minimal (1 bugs: 0, 1, 0, 0)
libpython3.4-stdlib
libpython3.4-testsuite
python3.4 (2 bugs: 0, 2, 0, 0)
python3.4-dbg
python3.4-dev
python3.4-doc
python3.4-examples
python3.4-minimal
python3.4-venv

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

3 security issues in jessie high

There are 3 open security issues in jessie.

1 important issue:

CVE-2018-20852: http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.

2 issues skipped by the security teams:

CVE-2013-1753:
CVE-2014-9365: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Please fix them.

Created: 2015-07-12 Last update: 2019-07-20 08:51

news

[2019-07-11] Accepted python3.4 3.4.2-1+deb8u5 (source all amd64) into oldoldstable (Jonas Meurer)
[2019-06-25] Accepted python3.4 3.4.2-1+deb8u4 (source all amd64) into oldstable (Roberto C. Sanchez)
[2019-06-25] Accepted python3.4 3.4.2-1+deb8u3 (source all amd64) into oldstable (Roberto C. Sanchez)
[2019-02-07] Accepted python3.4 3.4.2-1+deb8u2 (source all amd64) into oldstable (Brian May)
[2018-09-26] Accepted python3.4 3.4.2-1+deb8u1 (source all amd64) into oldstable (Antoine Beaupré)
[2016-06-24] python3.4 REMOVED from testing (Debian testing watch)
[2016-06-20] Removed 3.4.4-3 from unstable (Debian FTP Masters)
[2016-06-20] Removed 3.4.4-3 from unstable (Debian FTP Masters)
[2016-04-23] python3.4 3.4.4-3 MIGRATED to testing (Debian testing watch)
[2016-04-17] Accepted python3.4 3.4.4-3 (source) into unstable (Matthias Klose)
[2016-01-11] python3.4 3.4.4-2 MIGRATED to testing (Debian testing watch)
[2016-01-05] Accepted python3.4 3.4.4-2 (source all amd64) into unstable (Matthias Klose)
[2015-12-27] python3.4 3.4.4-1 MIGRATED to testing (Debian testing watch)
[2015-12-21] Accepted python3.4 3.4.4-1 (source all amd64) into unstable (Matthias Klose)
[2015-12-13] python3.4 3.4.4~rc1-1 MIGRATED to testing (Debian testing watch)
[2015-12-07] Accepted python3.4 3.4.4~rc1-1 (source all i386) into unstable (Matthias Klose)
[2015-10-17] python3.4 3.4.3-10 MIGRATED to testing (Britney)
[2015-10-11] Accepted python3.4 3.4.3-10 (source all ppc64el) into unstable (Matthias Klose)
[2015-09-29] python3.4 3.4.3-9 MIGRATED to testing (Britney)
[2015-09-23] Accepted python3.4 3.4.3-9 (source all ppc64el) into unstable (Matthias Klose)
[2015-09-12] python3.4 3.4.3-8 MIGRATED to testing (Britney)
[2015-07-28] Accepted python3.4 3.4.3-8 (source all ppc64el) into unstable (Matthias Klose)
[2015-06-08] python3.4 3.4.3-7 MIGRATED to testing (Britney)
[2015-06-02] Accepted python3.4 3.4.3-7 (source all ppc64el) into unstable (Matthias Klose)
[2015-05-13] python3.4 3.4.3-6 MIGRATED to testing (Britney)
[2015-05-07] Accepted python3.4 3.4.3-6 (source all ppc64el) into unstable (Matthias Klose)
[2015-05-06] python3.4 3.4.3-5 MIGRATED to testing (Britney)
[2015-04-30] Accepted python3.4 3.4.3-5 (all amd64 i386 ppc64el source) into unstable (Matthias Klose)
[2015-04-29] Accepted python3.4 3.4.3-4 (source all i386) into unstable (Matthias Klose)
[2015-04-27] python3.4 3.4.2-5 MIGRATED to testing (Britney)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0
patch: 0

links

buildd: logs, clang, cross
popcon
edit tags
security tracker
screenshots

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing