Support for this version has ended
** Changed in: python2.4 (Ubuntu)
Status: Confirmed = Invalid
** Changed in: python2.5 (Ubuntu)
Status: Confirmed = Invalid
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
csound was fixed in 1:5.08.2~dfsg-1.1ubuntu2.
** Changed in: csound (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
Untrusted search
This was fixed in 0.96.1-7.1.
** Changed in: dia (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
Untrusted search path vulnerability
eog was fixed in 2.24.1-0ubuntu1.
** Changed in: eog (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
Untrusted search path
epiphany-browser was fixed in 2.24.1-0ubuntu1.
** Changed in: epiphany-browser (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
nautilus-python was fixed in 0.6.1-1
** Changed in: nautilus-python (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
Untrusted search
vim was fixed in 2:7.2.079-1ubuntu5
** Changed in: vim (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
Untrusted search path
python2.6 was fixed in 2.6.6-5ubuntu1.
** Changed in: python2.6 (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
https://bugs.launchpad.net/bugs/322196
Title:
Untrusted search path
** Changed in: gedit
Importance: Unknown = Medium
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
desktop-bugs
** Changed in: gedit
Status: New = Fix Released
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
ACK on the hardy update. Updated package was uploaded to hardy-security.
Thanks for the debdiff.
** Changed in: xchat (Ubuntu)
Status: Confirmed = Fix Committed
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You
This bug was fixed in the package xchat - 2.8.4-0ubuntu7.1
---
xchat (2.8.4-0ubuntu7.1) hardy-security; urgency=low
* SECURITY UPDATE (LP: #322196)
* debian/patches/64_CVE-2009-0315.dpatch:
- Fix untrusted search path vulnerability in the Python module
in xchat allows
** Branch linked: lp:ubuntu/hardy-security/xchat
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
desktop-bugs
** Also affects: python via
http://bugs.python.org/issue5753
Importance: Unknown
Status: Unknown
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
** Changed in: python
Status: Unknown = Fix Released
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
** Branch linked: lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
** Description changed:
There's an interesting bug (or feature?) in Python 2.6 and earlier that
affects multiple applications using Python. The bug allows local or
user-assisted remote arbitrary code execution. Here is the description
of the Python CVE:
Untrusted search path
Note that a workaround to this python bug was committed to Gnumeric
upstream a long time ago (2009-01-29) and so this vulnerability is not
in gnumeric anymore since release 1.9.4.
** Changed in: gnumeric (Ubuntu)
Status: Confirmed = Fix Released
--
Untrusted search path vulnerability in
** Branch linked: lp:ubuntu/gedit
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
desktop-bugs mailing list
** Changed in: epiphany-browser (Ubuntu)
Importance: Undecided = Low
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
This bug was fixed in the package gedit - 2.26.0-0ubuntu3
---
gedit (2.26.0-0ubuntu3) jaunty; urgency=low
* debian/patches/91_correct_path_use.patch:
- CVE-2009-0314, don't use an untrusted python path when loading
(lp: #322196)
-- Sebastien Bacher seb...@ubuntu.com
** Also affects: python2.6 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: python2.6 (Ubuntu)
Importance: Undecided = Low
** Changed in: python2.6 (Ubuntu)
Status: New = Confirmed
** Changed in: python2.3 (Ubuntu)
Status: Confirmed = Won't Fix
--
Untrusted
** Changed in: gedit
Status: Unknown = New
--
Untrusted search path vulnerability in Python and multiple other programs
https://bugs.launchpad.net/bugs/322196
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is a bug assignee.
--
desktop-bugs
** Changed in: gedit (Ubuntu)
Assignee: (unassigned) = Ubuntu Desktop Bugs (desktop-bugs)
Status: Confirmed = Triaged
** Bug watch added: GNOME Bug Tracker #569214
http://bugzilla.gnome.org/show_bug.cgi?id=569214
** Also affects: gedit via
According to these links (provided by Jan Lieskovsky in the thread referenced
above), Python 2.6 is affected as well.
http://www.openwall.com/lists/oss-security/2009/01/28/5
https://bugzilla.redhat.com/show_bug.cgi?id=482814#c1
** Description changed:
- Binary package hint: python2.5
-
-
** Changed in: csound (Ubuntu)
Status: New = Confirmed
** Changed in: csound (Ubuntu)
Importance: Undecided = Low
** Changed in: dia (Ubuntu)
Status: New = Confirmed
** Changed in: dia (Ubuntu)
Importance: Undecided = Low
** Changed in: eog (Ubuntu)
Status: New =
** Changed in: epiphany (Ubuntu)
Status: New = Invalid
** Also affects: epiphany-browser (Ubuntu)
Importance: Undecided
Status: New
** Also affects: python2.3 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: epiphany-browser (Ubuntu)
Status: New =
Adding CVE references: CVE-2008-5983, CVE-2008-5984, CVE-2008-5985,
CVE-2008-5986, CVE-2008-5987,
CVE-2009-0314, CVE-2009-0315, CVE-2009-0316, CVE-2009-0317, CVE-2009-0318
** Also affects: python2.4 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: dia (Ubuntu)
28 matches
Mail list logo
