OVAL Reference oval:com.ubuntu.trusty:def:20165636000

Oval Definition:

oval:com.ubuntu.trusty:def:20165636000

Revision Date:	2016-09-02	Version:	1
Title:	CVE-2016-5636 on Ubuntu 14.04 LTS (trusty) - medium.
Description:	Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-5636
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'python2.7' package in trusty was vulnerable but has been fixed (note: '2.7.6-8ubuntu0.3'). OR The 'python3.4' package in trusty was vulnerable but has been fixed (note: '3.4.3-1ubuntu1~14.04.5'). OR The vulnerability of the 'python3.5' package in trusty is not known (status: 'needs-triage'). It is pending evaluation.