| Release | Version |
|---|---|
| stretch | 2.5.3-16+deb9u1 |
| buster | 2.7.1+repack1-4~deb10u1 |
| bullseye | 2.7.2+repack1-3 |
| bookworm | 2.7.2+repack1-3 |
| sid | 2.7.2+repack1-3 |
| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-16935 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable | vulnerable | The documentation XML-RPC server in Python through 2.7.16, 3.x through ... |
| CVE-2013-2027 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | Jython 2.2.1 uses the current umask to set the privileges of the class ... |
| Bug | stretch | buster | bullseye | bookworm | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2017-17522 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | ** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not vali ... |
| Bug | Description |
|---|---|
| CVE-2016-4000 | Jython before 2.7.1rc1 allows attackers to execute arbitrary code via ... |
| DSA / DLA | Description |
|---|---|
| DSA-3893-1 | jython - security update |
| DLA-989-1 | jython - security update |