ELA-1135-1 python3.7 security update

multiple vulnerabilities

2024-07-22
Packagepython3.7
Version3.7.3-2+deb10u8 (buster)
Related CVEs CVE-2024-0397 CVE-2024-4032


Multiple vulnerabilities have been fixed in the Python3 interpreter.

CVE-2024-0397

Race condition in ssl.SSLContext

CVE-2024-4032

Incorrect information about private addresses in the ipaddress module


For Debian 10 buster, these problems have been fixed in version 3.7.3-2+deb10u8.

We recommend that you upgrade your python3.7 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.