Package: gedit
Severity: important

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was published for gedit.

CVE-2009-0314[0]:
| Untrusted search path vulnerability in the Python module in gedit
| allows local users to execute arbitrary code via a Trojan horse Python
| file in the current working directory, related to a vulnerability in
| the PySys_SetArgv function (CVE-2008-5983).

There is more information in the Red Hat bug report[1], including a patch[2].
For stable, this issue could be fixed via stable-proposed-updates.
It seems that the vulnerable function is gedit_python_module_init_python().
For lenny, it could be fixed via migration from unstable.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

Cheers
Steffen

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0314
    http://security-tracker.debian.net/tracker/CVE-2009-0314
[1] https://bugzilla.redhat.com/show_bug.cgi?id=481556
[2] https://bugzilla.redhat.com/attachment.cgi?id=330031
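An added example, not part of the report above or of the referenced patch: a check for the condition behind this class of bug. It assumes the behaviour described in CPython's documentation, where PySys_SetArgv prepends an empty string to sys.path when argv[0] is not a script path, and Python resolves that entry against the current working directory. The module name, directory names and helper functions are constructed for illustration.

```python
import importlib.machinery
import os
import sys
import tempfile


def cwd_relative_entries(path_list):
    """Return (index, entry) for entries Python resolves against the cwd."""
    return [(i, e) for i, e in enumerate(path_list)
            if isinstance(e, str) and (e == "" or not os.path.isabs(e))]


def hardened(path_list):
    """Copy of path_list without the cwd-relative entries."""
    bad = {i for i, _ in cwd_relative_entries(path_list)}
    return [e for i, e in enumerate(path_list) if i not in bad]


def resolve_origin(name, path_list):
    """File the import system would pick for `name`, without importing it."""
    importlib.invalidate_caches()
    spec = importlib.machinery.PathFinder.find_spec(name, path_list)
    return spec.origin if spec else None


def demo():
    """Constructed layout: same module name in a trusted dir and in the cwd."""
    name = "constructed_plugin_helper"  # hypothetical module name
    old_cwd = os.getcwd()
    with tempfile.TemporaryDirectory() as root:
        trusted, workdir = (os.path.join(os.path.realpath(root), d)
                            for d in ("trusted", "workdir"))
        for d in (trusted, workdir):
            os.mkdir(d)
            with open(os.path.join(d, name + ".py"), "w") as fh:
                fh.write("# constructed sample module\n")
        path_list = ["", trusted]  # sys.path shape after '' was prepended
        os.chdir(workdir)
        try:
            before = resolve_origin(name, path_list)
            after = resolve_origin(name, hardened(path_list))
        finally:
            os.chdir(old_cwd)
        return (os.path.dirname(os.path.realpath(before)) == workdir,
                os.path.dirname(os.path.realpath(after)) == trusted)


if __name__ == "__main__":
    print("cwd-relative sys.path entries:", cwd_relative_entries(sys.path))
```

Running `cwd_relative_entries(sys.path)` inside an embedded interpreter right after initialisation shows whether the host application left such an entry in place.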

