Ubuntu Security Notice USN-4962-1

Ubuntu Security Notice USN-4962-1: Posted May 19, 2021; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4962-1 - It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2021-20095; SHA-256 | 4cce484e1a30e681c2ba03a5b9b47bb4627b4aa3850418ef49b6ccc629e1254a; Download | Favorite | View

Ubuntu Security Notice USN-4962-1

=========================================================================
Ubuntu Security Notice USN-4962-1
May 19, 2021

python-babel vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Babel code be made to execute arbitrary code if it received a specially
crafted input.

Software Description:
- python-babel: tools for internationalizing Python applications

Details:

It was discovered that Babel incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 21.04:
  python-babel-localedata         2.8.0+dfsg.1-6ubuntu0.1
  python3-babel                   2.8.0+dfsg.1-6ubuntu0.1

Ubuntu 20.10:
  python-babel-localedata         2.8.0+dfsg.1-4ubuntu0.1
  python3-babel                   2.8.0+dfsg.1-4ubuntu0.1

Ubuntu 20.04 LTS:
  python-babel                    2.6.0+dfsg.1-1ubuntu2.2
  python-babel-localedata         2.6.0+dfsg.1-1ubuntu2.2
  python3-babel                   2.6.0+dfsg.1-1ubuntu2.2

Ubuntu 18.04 LTS:
  python-babel                    2.4.0+dfsg.1-2ubuntu1.1
  python-babel-localedata         2.4.0+dfsg.1-2ubuntu1.1
  python3-babel                   2.4.0+dfsg.1-2ubuntu1.1

Ubuntu 16.04 ESM:
  python-babel                    1.3+dfsg.1-6ubuntu0.1~esm1
  python-babel-localedata         1.3+dfsg.1-6ubuntu0.1~esm1
  python3-babel                   1.3+dfsg.1-6ubuntu0.1~esm1

Ubuntu 14.04 ESM:
  python-babel                    1.3+dfsg.1-2ubuntu2+esm1
  python-babel-localedata         1.3+dfsg.1-2ubuntu2+esm1
  python3-babel                   1.3+dfsg.1-2ubuntu2+esm1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4962-1
  CVE-2021-20095

Package Information:
  https://launchpad.net/ubuntu/+source/python-babel/2.8.0+dfsg.1-6ubuntu0.1
  https://launchpad.net/ubuntu/+source/python-babel/2.8.0+dfsg.1-4ubuntu0.1
  https://launchpad.net/ubuntu/+source/python-babel/2.6.0+dfsg.1-1ubuntu2.2
  https://launchpad.net/ubuntu/+source/python-babel/2.4.0+dfsg.1-2ubuntu1.1

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Ubuntu Security Notice USN-4962-1

Ubuntu Security Notice USN-4962-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Ubuntu Security Notice USN-4962-1

Share This

Ubuntu Security Notice USN-4962-1

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems