Register | Log in

python3.4

Choose email to subscribe with

general

source: python3.4 (updates)
version: 3.4.2-1+deb8u1
maintainer: Matthias Klose [DMD]
arch: all any
std-ver: 3.9.6
VCS: Bazaar (Browse)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 3.4.2-1
old-sec: 3.4.2-1+deb8u1

versioned links

3.4.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.4.2-1+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

idle-python3.4
libpython3.4
libpython3.4-dbg
libpython3.4-dev
libpython3.4-minimal
libpython3.4-stdlib
libpython3.4-testsuite
python3.4
python3.4-dbg
python3.4-dev
python3.4-doc
python3.4-examples
python3.4-minimal
python3.4-venv

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

6 ignored security issues in jessie low

There are 6 open security issues in jessie.

6 issues skipped by the security teams:

CVE-2016-0772: The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
CVE-2016-5636: Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
CVE-2016-5699: CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
CVE-2014-9365: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's (b) Common Name or (c) subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2013-1753:
CVE-2018-14647: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. Python 3.8, 3.7, 3.6, 3.5, 3.4, 2.7 are believed to be vulnerable.

Please fix them.

Created: 2015-07-12 Last update: 2018-09-27 06:54

news

[2018-09-26] Accepted python3.4 3.4.2-1+deb8u1 (source all amd64) into oldstable (Antoine Beaupré)
[2016-06-24] python3.4 REMOVED from testing (Debian testing watch)
[2016-06-20] Removed 3.4.4-3 from unstable (Debian FTP Masters)
[2016-06-20] Removed 3.4.4-3 from unstable (Debian FTP Masters)
[2016-04-23] python3.4 3.4.4-3 MIGRATED to testing (Debian testing watch)
[2016-04-17] Accepted python3.4 3.4.4-3 (source) into unstable (Matthias Klose)
[2016-01-11] python3.4 3.4.4-2 MIGRATED to testing (Debian testing watch)
[2016-01-05] Accepted python3.4 3.4.4-2 (source all amd64) into unstable (Matthias Klose)
[2015-12-27] python3.4 3.4.4-1 MIGRATED to testing (Debian testing watch)
[2015-12-21] Accepted python3.4 3.4.4-1 (source all amd64) into unstable (Matthias Klose)
[2015-12-13] python3.4 3.4.4~rc1-1 MIGRATED to testing (Debian testing watch)
[2015-12-07] Accepted python3.4 3.4.4~rc1-1 (source all i386) into unstable (Matthias Klose)
[2015-10-17] python3.4 3.4.3-10 MIGRATED to testing (Britney)
[2015-10-11] Accepted python3.4 3.4.3-10 (source all ppc64el) into unstable (Matthias Klose)
[2015-09-29] python3.4 3.4.3-9 MIGRATED to testing (Britney)
[2015-09-23] Accepted python3.4 3.4.3-9 (source all ppc64el) into unstable (Matthias Klose)
[2015-09-12] python3.4 3.4.3-8 MIGRATED to testing (Britney)
[2015-07-28] Accepted python3.4 3.4.3-8 (source all ppc64el) into unstable (Matthias Klose)
[2015-06-08] python3.4 3.4.3-7 MIGRATED to testing (Britney)
[2015-06-02] Accepted python3.4 3.4.3-7 (source all ppc64el) into unstable (Matthias Klose)
[2015-05-13] python3.4 3.4.3-6 MIGRATED to testing (Britney)
[2015-05-07] Accepted python3.4 3.4.3-6 (source all ppc64el) into unstable (Matthias Klose)
[2015-05-06] python3.4 3.4.3-5 MIGRATED to testing (Britney)
[2015-04-30] Accepted python3.4 3.4.3-5 (all amd64 i386 ppc64el source) into unstable (Matthias Klose)
[2015-04-29] Accepted python3.4 3.4.3-4 (source all i386) into unstable (Matthias Klose)
[2015-04-27] python3.4 3.4.2-5 MIGRATED to testing (Britney)
[2015-04-13] Accepted python3.4 3.4.2-5 (source all ppc64el) into unstable (Matthias Klose)
[2015-04-12] Accepted python3.4 3.4.3-3 (source all ppc64el) into experimental (Matthias Klose)
[2015-03-11] Accepted python3.4 3.4.3-2 (source all ppc64el) into experimental (Matthias Klose)
[2015-02-26] Accepted python3.4 3.4.3-1 (source all ppc64el) into experimental (Matthias Klose)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 4
M&W: 0
F&P: 0
patch: 0

links

buildd: logs, clang
popcon
browse source code
edit tags
security tracker
screenshots

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing