[SECURITY] [DLA 1998-1] python-psutil security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1998-1] python-psutil security update
From: "Chris Lamb" <lamby@debian.org>
Date: Mon, 18 Nov 2019 13:55:02 -0500
Message-id: <[🔎] 0d5b6679-3700-42a7-a5ad-dea9e4a02dea@sloti26t01>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : python-psutil
Version        : 2.1.1-1+deb8u1
CVE ID         : CVE-2019-18874
Debian Bug     : #944605

It was discovered that there were multiple double free
vulnerabilities in python-psutil, a Python module providing
convenience functions for accessing system process data.

This was caused by incorrect reference counting handling within
for/while loops that convert system data into said Python objects.

For Debian 8 "Jessie", this issue has been fixed in python-psutil
version 2.1.1-1+deb8u1.

We recommend that you upgrade your python-psutil packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl3S6PsACgkQHpU+J9Qx
Hlgv0A//aNjJ0Wh0FJMK+0/PVlfsIoWpRIsm/NEyMHGRPzVPuliUEHlHudy9N9vj
Ru4Z7dSeDPAk+FsS3A2YMssR7HGmUq3Y9TjuihYqoocIjh4cQno9F5GMI5kjupmW
sVvWZHK463fSJzUix6uuMWcs7AuIy8Jz6/lQQcP+0XIMQt0aNcjWm4HBnHtucPIm
RXloKKDwXTwcCilNYK1sFHuInAcguYdWJANUwF4ObjB3Nrf931dj4Z3Jt9WGR7fb
Kvk2dcPDQPoDQb6kLxpAG+I/549wcm/xtDnZDbR9951ZrouYvKRT8xpga4uLtSr5
v1TgtegXDH58ur5XNfPUjFouVRr6TxyXTZahq5plF41D/QXU9JcgNBmCdETov8cK
rzbCnoa4gwzKngvVZEvwrtGM43wbl0ie6321FA+HmKXayCErB1CB84dGwdSvFj/p
/6zZmdqif0967hf1lgwopoGDcdSJbeN/gdvSOHy5ITRfnhrrGdZWenB2tDf4Glz8
5J1kpHea6kg+lY3PuN65CF50Nk9gv1PDYCJIbOdf91IVyf8RmnFs51625X3w9Nik
jb7IFah4jLg+OqSVy4UTgFsVHogJKKeDXioqDT0aCSK/mPUi1mdTBdj4rbM2TVqR
HYnHefjIqQ4UyWGgT7TYAk1g/iOl7yC+AK3HnLJUPR2cVYbGNp8=
=334G
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1997-1] thunderbird security update
Next by Date: [SECURITY] [DLA 1999-1] symfony security update
Previous by thread: [SECURITY] [DLA 1997-1] thunderbird security update
Next by thread: [SECURITY] [DLA 1999-1] symfony security update
Index(es):
- Date
- Thread