{"id":"USN-7280-3","summary":"python2.7 regression","details":"USN-7280-2 fixed vulnerabilities in Python. It was discovered that the\nfixes for CVE-2025-0938 and CVE-2024-11168 were incorrectly applied on\nUbuntu 14.04 LTS as a result. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\n It was discovered that Python incorrectly handled parsing domain names that\n included square brackets. A remote attacker could possibly use this issue\n to perform a Server-Side Request Forgery (SSRF) attack.\n","modified":"2026-04-24T09:57:53.020321Z","published":"2025-09-29T12:01:50Z","related":["UBUNTU-CVE-2024-11168","UBUNTU-CVE-2025-0938"],"upstream":["CVE-2024-11168","CVE-2025-0938","UBUNTU-CVE-2024-11168","UBUNTU-CVE-2025-0938"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7280-3"},{"type":"REPORT","url":"https://launchpad.net/bugs/2125702"}],"affected":[{"package":{"name":"python2.7","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/python2.7@2.7.6-8ubuntu0.6+esm28?arch=source&distro=esm-infra-legacy/trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.6-8ubuntu0.6+esm28"}]}],"versions":["2.7.5-8ubuntu3","2.7.5-8ubuntu4","2.7.6-2","2.7.6-2ubuntu1","2.7.6-3","2.7.6-3ubuntu1","2.7.6-4","2.7.6-4ubuntu1","2.7.6-5","2.7.6-7","2.7.6-8","2.7.6-8ubuntu0.2","2.7.6-8ubuntu0.3","2.7.6-8ubuntu0.4","2.7.6-8ubuntu0.5","2.7.6-8ubuntu0.6+esm2","2.7.6-8ubuntu0.6+esm3","2.7.6-8ubuntu0.6+esm5","2.7.6-8ubuntu0.6+esm6","2.7.6-8ubuntu0.6+esm7","2.7.6-8ubuntu0.6+esm8","2.7.6-8ubuntu0.6+esm9","2.7.6-8ubuntu0.6+esm10","2.7.6-8ubuntu0.6+esm11","2.7.6-8ubuntu0.6+esm12","2.7.6-8ubuntu0.6+esm13","2.7.6-8ubuntu0.6+esm14","2.7.6-8ubuntu0.6+esm15","2.7.6-8ubuntu0.6+esm16","2.7.6-8ubuntu0.6+esm17","2.7.6-8ubuntu0.6+esm18","2.7.6-8ubuntu0.6+esm20","2.7.6-8ubuntu0.6+esm21","2.7.6-8ubuntu0.6+esm22","2.7.6-8ubuntu0.6+esm24","2.7.6-8ubuntu0.6+esm25","2.7.6-8ubuntu0.6+esm26"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_name":"idle-python2.7","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"libpython2.7","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"libpython2.7-minimal","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"libpython2.7-stdlib","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"libpython2.7-testsuite","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"python2.7","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"python2.7-examples","binary_version":"2.7.6-8ubuntu0.6+esm28"},{"binary_name":"python2.7-minimal","binary_version":"2.7.6-8ubuntu0.6+esm28"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7280-3.json"}}],"schema_version":"1.7.5"}