Untrusted search path vulnerabilities

2010-11-17 Thread Jakub Wilk
A number of packages in the archive set the PYTHONPATH environment variable in an insecure way. They do something like: PYTHONPATH=/spam/eggs:$PYTHONPATH This is wrong, because if PYTHONPATH were originally unset or empty, the current working directory would be added to sys.path. These
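As an added illustration (not code from the thread or from any of the packages mentioned), the following POSIX shell snippet places the insecure composition quoted above next to a safe one and adds a small check for the empty path element that Python would interpret as the current directory. The path /spam/eggs is the placeholder from the message; the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread: composing PYTHONPATH without an
# empty element. The directory /spam/eggs is the placeholder used in the
# message; the function names are invented for this illustration.

# Insecure form quoted in the thread. ${PYTHONPATH-} expands exactly like
# $PYTHONPATH but stays quiet under 'set -u'. When PYTHONPATH is unset or
# empty the result ends in a colon, i.e. an empty entry, which Python
# turns into "" in sys.path, meaning the current working directory.
insecure_pythonpath() {
    printf '%s\n' "/spam/eggs:${PYTHONPATH-}"
}

# Safe form: ${VAR:+word} expands to word only when VAR is set and
# non-empty, so the separator is emitted only when there is something
# to separate.
safe_pythonpath() {
    printf '%s\n' "/spam/eggs${PYTHONPATH:+:$PYTHONPATH}"
}

# Return 0 (true) if a candidate PYTHONPATH value contains an empty
# element: a leading colon, a trailing colon, or '::' in the middle.
# Each such element becomes the current directory on sys.path.
has_empty_entry() {
    case "$1" in
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Demonstration with PYTHONPATH unset, the case the thread is about.
unset PYTHONPATH
printf 'insecure: %s\n' "$(insecure_pythonpath)"   # /spam/eggs:
printf 'safe:     %s\n' "$(safe_pythonpath)"       # /spam/eggs
```

A wrapper script that wants to prepend a directory should therefore use the `${PYTHONPATH:+:$PYTHONPATH}` form (or an explicit test on `-n "$PYTHONPATH"`); the same reasoning applies to PATH, LD_LIBRARY_PATH and any other colon-separated search path where an empty element means "here".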

Re: Untrusted search path vulnerabilities

2010-11-17 Thread Éric Araujo
Hello, * python2.7-examples (2.7-9) * python3.1-examples (3.1.2+20100926-1, 3.1.2+20101012-1) * python3.2-examples (3.2~a3-1) For the person reporting those: If they need to be forwarded upstream, feel free to cc: me in the bug report and I’ll do it. Regards

Re: Untrusted search path vulnerabilities

2010-11-17 Thread Sandro Tosi
Hi Jakub, all others, nice to see you back at full force :) On Wed, Nov 17, 2010 at 22:58, Jakub Wilk jw...@debian.org wrote: Any volunteers to file bugs? :) I'll do that tomorrow, if no-one beats me. Severity? grave for the vulnerable packages, important for the others? in this case, was

Re: Untrusted search path vulnerabilities

2010-11-17 Thread Jakub Wilk
* Sandro Tosi mo...@debian.org, 2010-11-17, 23:37: Any volunteers to file bugs? :) I'll do that tomorrow, if no-one beats me. Thanks. Severity? grave for the vulnerable packages, important for the others? I think so. in this case, was release team already contacted about that? I don't