A pam-python security update has been released for Debian GNU/Linux 8 LTS

Package : pam-python
Version : 1.0.4-1.1+deb8u1
CVE ID : CVE-2019-16729
Debian Bug : 942514

It was discovered that pam-python, a PAM Module that runs the Python
interpreter, has an issue in regard to the default environment variable
handling of Python. This issue could allow for local root escalation in certain
PAM setups.

For Debian 8 "Jessie", this problem has been fixed in version
1.0.4-1.1+deb8u1.

We recommend that you upgrade your pam-python packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS