[USN-7713-1] OpenLDAP vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7713-1
August 24, 2025
openldap vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in OpenLDAP.
Software Description:
- openldap: Lightweight Directory Access Protocol
Details:
It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A
remote attacker could possibly use this issue to cause OpenLDAP to crash,
resulting in a denial of service. (CVE-2020-36229, CVE-2020-36230)

Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short
timestamps. A remote attacker could possibly use this issue to cause
OpenLDAP to crash, resulting in a denial of service. (CVE-2021-27212)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS
  slapd 2.4.31-1+nmu2ubuntu8.5+esm8
    Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7713-1
CVE-2020-36229, CVE-2020-36230, CVE-2021-27212
[USN-7710-2] Python 2.7 vulnerability
==========================================================================
Ubuntu Security Notice USN-7710-2
August 29, 2025
python2.7 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Python.
Software Description:
- python2.7: An interactive high-level object-oriented language
Details:
USN-7710-1 fixed vulnerabilities in Python. This update provides the
corresponding fix for CVE-2025-8194 for Python 2.7.
Original advisory details:
It was discovered that Python inefficiently parsed maliciously crafted
HTML input. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-6069)

It was discovered that Python incorrectly parsed maliciously crafted Tar
archives. An attacker could possibly use this issue to cause a denial of
service. (CVE-2025-8194)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
  libpython2.7 2.7.18-13ubuntu1.5+esm7
    Available with Ubuntu Pro
  python2.7 2.7.18-13ubuntu1.5+esm7
    Available with Ubuntu Pro
Ubuntu 20.04 LTS
  libpython2.7 2.7.18-1~20.04.7+esm8
    Available with Ubuntu Pro
  python2.7 2.7.18-1~20.04.7+esm8
    Available with Ubuntu Pro
Ubuntu 18.04 LTS
  libpython2.7 2.7.17-1~18.04ubuntu1.13+esm12
    Available with Ubuntu Pro
  python2.7 2.7.17-1~18.04ubuntu1.13+esm12
    Available with Ubuntu Pro
Ubuntu 16.04 LTS
  libpython2.7 2.7.12-1ubuntu0~16.04.18+esm17
    Available with Ubuntu Pro
  python2.7 2.7.12-1ubuntu0~16.04.18+esm17
    Available with Ubuntu Pro
Ubuntu 14.04 LTS
  libpython2.7 2.7.6-8ubuntu0.6+esm26
    Available with Ubuntu Pro
  python2.7 2.7.6-8ubuntu0.6+esm26
    Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7710-2
https://ubuntu.com/security/notices/USN-7710-1
CVE-2025-8194