Thanks Simon!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1714728
Title:
[CVEs] Creates executables class files with wrong permissions, Unsafe
deserialization leads to code execution
To manage
This bug was fixed in the package jython - 2.5.3-15ubuntu0.1
---
jython (2.5.3-15ubuntu0.1) zesty-security; urgency=high
[ Simon Quigley ]
* SECURITY UPDATE: Creates executables class files with wrong permissions
(LP: #1714728)
- CVE-2013-2027
- 1-CVE-2013-2027.patch
This bug was fixed in the package jython - 2.5.3-1ubuntu0.1
---
jython (2.5.3-1ubuntu0.1) trusty-security; urgency=high
[ Simon Quigley ]
* SECURITY UPDATE: Creates executables class files with wrong permissions
(LP: #1714728)
- CVE-2013-2027
- 1-CVE-2013-2027.patch
This bug was fixed in the package jython - 2.5.3-9ubuntu0.1
---
jython (2.5.3-9ubuntu0.1) xenial-security; urgency=high
[ Simon Quigley ]
* SECURITY UPDATE: Creates executables class files with wrong permissions
(LP: #1714728)
- CVE-2013-2027
- 1-CVE-2013-2027.patch
Attached is a patch for Trusty applicable to 2.5.3-1.
I tested it on a Lubuntu 14.04 install and it works as intended.
** Patch added: "1-2.5.3-1ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/jython/+bug/1714728/+attachment/4954100/+files/1-2.5.3-1ubuntu0.1.debdiff
--
You
Attached is a patch for Xenial applicable to 2.5.3-9.
I tested it on a Lubuntu 16.04 install and it works as intended.
** Patch added: "1-2.5.3-9ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/zesty/+source/jython/+bug/1714728/+attachment/4952099/+files/1-2.5.3-9ubuntu0.1.debdiff
--
Attached is a patch for Zesty applicable to 2.5.3-9.
I tested it on a Lubuntu 16.04 install and it works as intended.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1714728
Title:
[CVEs] Creates
Attached is a patch for Zesty applicable to 2.5.3-15.
I tested it on a Ubuntu 17.04 install and it works as intended.
** Patch added: "1-2.5.3-15ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/zesty/+source/jython/+bug/1714728/+attachment/4951981/+files/1-2.5.3-15ubuntu0.1.debdiff
--
Uploaded the fixes to ppa:tsimonq2/security-builds if anybody would like
to test.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1714728
Title:
[CVEs] Creates executables class files with wrong
This bug was fixed in the package jython - 2.5.3-17ubuntu1
---
jython (2.5.3-17ubuntu1) artful; urgency=medium
* SECURITY UPDATE: Creates executables class files with wrong permissions
(LP: #1714728)
- CVE-2013-2027
- 1-CVE-2013-2027.patch
- 2-CVE-2013-2027.patch
** Changed in: jython (Ubuntu Artful)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1714728
Title:
[CVEs] Creates executables class files with wrong
Uploaded to Artful:
https://launchpad.net/ubuntu/+source/jython/2.5.3-17ubuntu1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1714728
Title:
[CVEs] Creates executables class files with wrong
Since CVE-2016-4000 is High priority, marking as High priority in all
releases affected, marking as Medium in Artful.
** Changed in: jython (Ubuntu Trusty)
Importance: Undecided => High
** Changed in: jython (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: jython (Ubuntu
13 matches
Mail list logo
