PublicDateAtUSN: 2019-09-28 02:15:00 UTC Candidate: CVE-2019-16935 PublicDate: 2019-09-28 02:15:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935 https://github.com/python/cpython/pull/16373 https://ubuntu.com/security/notices/USN-4151-1 https://ubuntu.com/security/notices/USN-4151-2 Description: The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server. Ubuntu-Description: Notes: leosilva> this bug address to the docxmlrpc test hang issue: leosilva> https://bugs.python.org/issue27614. Mitigation: Bugs: https://bugs.python.org/issue38243 Priority: low Discovered-by: Assigned-to: mdeslaur CVSS: nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N [6.1 MEDIUM] Patches_python2.7: upstream: https://github.com/python/cpython/commit/8eb64155ff26823542ccf0225b3d57b6ae36ea89 upstream_python2.7: needs-triage precise/esm_python2.7: released (2.7.3-0ubuntu3.15) trusty_python2.7: ignored (out of standard support) trusty/esm_python2.7: released (2.7.6-8ubuntu0.6+esm3) xenial_python2.7: released (2.7.12-1ubuntu0~16.04.9) esm-infra/xenial_python2.7: released (2.7.12-1ubuntu0~16.04.9) bionic_python2.7: released (2.7.15-4ubuntu4~18.04.2) disco_python2.7: released (2.7.16-2ubuntu0.2) eoan_python2.7: not-affected (2.7.17~rc1-1) focal_python2.7: not-affected (2.7.17-1ubuntu5) groovy_python2.7: not-affected (2.7.17-1ubuntu5) hirsute_python2.7: not-affected (2.7.17-1ubuntu5) impish_python2.7: not-affected (2.7.17-1ubuntu5) jammy_python2.7: not-affected (2.7.17-1ubuntu5) devel_python2.7: not-affected (2.7.17-1ubuntu5) Patches_python3.4: upstream_python3.4: needs-triage precise/esm_python3.4: DNE trusty_python3.4: ignored (out of standard support) trusty/esm_python3.4: released (3.4.3-1ubuntu1~14.04.7+esm4) xenial_python3.4: DNE bionic_python3.4: DNE disco_python3.4: DNE eoan_python3.4: DNE focal_python3.4: DNE groovy_python3.4: DNE hirsute_python3.4: DNE impish_python3.4: DNE jammy_python3.4: DNE devel_python3.4: DNE Patches_python3.5: upstream_python3.5: needs-triage precise/esm_python3.5: DNE trusty_python3.5: ignored (out of standard support) trusty/esm_python3.5: needs-triage xenial_python3.5: released (3.5.2-2ubuntu0~16.04.9) esm-infra/xenial_python3.5: released (3.5.2-2ubuntu0~16.04.9) bionic_python3.5: DNE disco_python3.5: DNE eoan_python3.5: DNE focal_python3.5: DNE groovy_python3.5: DNE hirsute_python3.5: DNE impish_python3.5: DNE jammy_python3.5: DNE devel_python3.5: DNE Patches_python3.6: upstream: https://github.com/python/cpython/commit/1698cacfb924d1df452e78d11a4bf81ae7777389 upstream_python3.6: needs-triage precise/esm_python3.6: DNE trusty_python3.6: DNE trusty/esm_python3.6: DNE xenial_python3.6: DNE bionic_python3.6: released (3.6.8-1~18.04.3) disco_python3.6: DNE eoan_python3.6: DNE focal_python3.6: DNE groovy_python3.6: DNE hirsute_python3.6: DNE impish_python3.6: DNE jammy_python3.6: DNE devel_python3.6: DNE Patches_python3.7: upstream: https://github.com/python/cpython/commit/39a0c7555530e31c6941a78da19b6a5b61170687 upstream_python3.7: released (3.7.5~rc1-1) precise/esm_python3.7: DNE trusty_python3.7: ignored (out of standard support) trusty/esm_python3.7: DNE xenial_python3.7: DNE bionic_python3.7: needs-triage disco_python3.7: released (3.7.3-2ubuntu0.2) eoan_python3.7: not-affected (3.7.5~rc1-1) focal_python3.7: DNE groovy_python3.7: DNE hirsute_python3.7: DNE impish_python3.7: DNE jammy_python3.7: DNE devel_python3.7: DNE Patches_python3.8: upstream: https://github.com/python/cpython/commit/6447b9f9bd27e1f6b04cef674dd3a7ab27bf4f28 upstream_python3.8: needs-triage precise/esm_python3.8: DNE trusty_python3.8: ignored (out of standard support) trusty/esm_python3.8: DNE xenial_python3.8: DNE bionic_python3.8: needs-triage disco_python3.8: ignored (reached end-of-life) eoan_python3.8: not-affected (3.8.0~rc1-1) focal_python3.8: not-affected (3.8.0~rc1-1) groovy_python3.8: not-affected (3.8.0~rc1-1) hirsute_python3.8: DNE impish_python3.8: DNE jammy_python3.8: DNE devel_python3.8: DNE