Register | Log in

python3.4

Interactive high-level object-oriented language (version 3.4)

Choose email to subscribe with

general

source: python3.4 (main)
version: 3.4.2-1
maintainer: Matthias Klose [DMD]
arch: all any
std-ver: 3.9.6
VCS: Bazaar (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 3.4.2-1

versioned links

3.4.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

idle-python3.4
libpython3.4
libpython3.4-dbg
libpython3.4-dev
libpython3.4-minimal
libpython3.4-stdlib
libpython3.4-testsuite
python3.4
python3.4-dbg
python3.4-dev
python3.4-doc
python3.4-examples
python3.4-minimal
python3.4-venv

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 3.9.6).

Created: 2016-04-18 Last update: 2018-04-16 20:53

7 ignored security issues in jessie low

There are 7 open security issues in jessie.

7 issues skipped by the security teams:

CVE-2013-1753:
CVE-2016-5636: Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
CVE-2016-5699: CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
CVE-2018-1061: python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2014-9365: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2018-1060: python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVE-2016-0772: The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."

Please fix them.

Created: 2015-07-12 Last update: 2018-06-21 08:05

news

[2016-06-24] python3.4 REMOVED from testing (Debian testing watch)
[2016-06-20] Removed 3.4.4-3 from unstable (Debian FTP Masters)
[2016-06-20] Removed 3.4.4-3 from unstable (Debian FTP Masters)
[2016-04-23] python3.4 3.4.4-3 MIGRATED to testing (Debian testing watch)
[2016-04-17] Accepted python3.4 3.4.4-3 (source) into unstable (Matthias Klose)
[2016-01-11] python3.4 3.4.4-2 MIGRATED to testing (Debian testing watch)
[2016-01-05] Accepted python3.4 3.4.4-2 (source all amd64) into unstable (Matthias Klose)
[2015-12-27] python3.4 3.4.4-1 MIGRATED to testing (Debian testing watch)
[2015-12-21] Accepted python3.4 3.4.4-1 (source all amd64) into unstable (Matthias Klose)
[2015-12-13] python3.4 3.4.4~rc1-1 MIGRATED to testing (Debian testing watch)
[2015-12-07] Accepted python3.4 3.4.4~rc1-1 (source all i386) into unstable (Matthias Klose)
[2015-10-17] python3.4 3.4.3-10 MIGRATED to testing (Britney)
[2015-10-11] Accepted python3.4 3.4.3-10 (source all ppc64el) into unstable (Matthias Klose)
[2015-09-29] python3.4 3.4.3-9 MIGRATED to testing (Britney)
[2015-09-23] Accepted python3.4 3.4.3-9 (source all ppc64el) into unstable (Matthias Klose)
[2015-09-12] python3.4 3.4.3-8 MIGRATED to testing (Britney)
[2015-07-28] Accepted python3.4 3.4.3-8 (source all ppc64el) into unstable (Matthias Klose)
[2015-06-08] python3.4 3.4.3-7 MIGRATED to testing (Britney)
[2015-06-02] Accepted python3.4 3.4.3-7 (source all ppc64el) into unstable (Matthias Klose)
[2015-05-13] python3.4 3.4.3-6 MIGRATED to testing (Britney)
[2015-05-07] Accepted python3.4 3.4.3-6 (source all ppc64el) into unstable (Matthias Klose)
[2015-05-06] python3.4 3.4.3-5 MIGRATED to testing (Britney)
[2015-04-30] Accepted python3.4 3.4.3-5 (all amd64 i386 ppc64el source) into unstable (Matthias Klose)
[2015-04-29] Accepted python3.4 3.4.3-4 (source all i386) into unstable (Matthias Klose)
[2015-04-27] python3.4 3.4.2-5 MIGRATED to testing (Britney)
[2015-04-13] Accepted python3.4 3.4.2-5 (source all ppc64el) into unstable (Matthias Klose)
[2015-04-12] Accepted python3.4 3.4.3-3 (source all ppc64el) into experimental (Matthias Klose)
[2015-03-11] Accepted python3.4 3.4.3-2 (source all ppc64el) into experimental (Matthias Klose)
[2015-02-26] Accepted python3.4 3.4.3-1 (source all ppc64el) into experimental (Matthias Klose)
[2014-12-27] Accepted python3.4 3.4.2-4 (source all amd64) into unstable (Matthias Klose)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0

links

buildd: logs, clang
popcon
browse source code
edit tags
security tracker
screenshots

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing