
desktop-packages team mailing list archive

[Bug 322196] Re: Untrusted search path vulnerability in Python and multiple other programs


Support for this version has ended

** Changed in: python2.4 (Ubuntu)
       Status: Confirmed => Invalid

** Changed in: python2.5 (Ubuntu)
       Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to eog in Ubuntu.
https://bugs.launchpad.net/bugs/322196

Title:
  Untrusted search path vulnerability in Python and multiple other
  programs

Status in Light-Weight Text Editor for Gnome:
  Fix Released
Status in Python:
  Fix Released
Status in csound package in Ubuntu:
  Fix Released
Status in dia package in Ubuntu:
  Fix Released
Status in eog package in Ubuntu:
  Fix Released
Status in epiphany package in Ubuntu:
  Invalid
Status in epiphany-browser package in Ubuntu:
  Fix Released
Status in gedit package in Ubuntu:
  Fix Released
Status in gnumeric package in Ubuntu:
  Fix Released
Status in nautilus-python package in Ubuntu:
  Fix Released
Status in python2.3 package in Ubuntu:
  Won't Fix
Status in python2.4 package in Ubuntu:
  Invalid
Status in python2.5 package in Ubuntu:
  Invalid
Status in python2.6 package in Ubuntu:
  Fix Released
Status in vim package in Ubuntu:
  Fix Released
Status in xchat package in Ubuntu:
  Fix Released

Bug description:
  There's an interesting bug (or feature?) in Python 2.6 and earlier
  that affects multiple applications using Python. The bug allows local
  or user-assisted remote arbitrary code execution. Here is the
  description of the Python CVE:

  "Untrusted search path vulnerability in the PySys_SetArgv API function
  in Python before 2.6 prepends an empty string to sys.path when the
  argv[0] argument does not contain a path separator, which might allow
  local users to execute arbitrary code via a Trojan horse Python file
  in the current working directory."

  (Python 2.6 is vulnerable, too. See the comments.)

  Affected packages are, at least:

  CVE-2008-4863 - Blender (already fixed in Ubuntu, I think)
  CVE-2008-5983 - Python
  CVE-2008-5984 - Dia
  CVE-2008-5985 - Epiphany
  CVE-2008-5986 - Csound
  CVE-2008-5987 - eog
  CVE-2009-0314 - gedit
  CVE-2009-0315 - xchat
  CVE-2009-0316 - vim
  CVE-2009-0317 - Nautilus
  CVE-2009-0318 - Gnumeric

  I'm not sure which versions of these packages and which Ubuntu
  releases are actually affected, though.

  Source and more information:
  oss-security thread at http://www.openwall.com/lists/oss-security/2009/01/28/2
  http://www.openwall.com/lists/oss-security/2009/01/26/2
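The hardening step embedders applied after these CVEs, shown as an added example that is not code from the bug report or from any of the listed projects: strip the implicit current-directory entry that PySys_SetArgv() left at sys.path[0], flag when it is still there, and list which files in a directory would shadow real modules if that directory sat first on the search path. The function names are assumptions made for this example.

```python
"""Helpers for programs that embed Python (added example, not project code).

Vulnerable embedders called PySys_SetArgv() with an argv[0] lacking a path
separator, which left '' (the current working directory) at sys.path[0], so
'import foo' loaded ./foo.py before the real module.
"""
import os


def sanitize_sys_path(path, cwd=None):
    """Return a copy of `path` without '' and without entries that resolve to `cwd`.

    This is the post-fix behaviour embedders adopted: drop the implicit
    current-directory entry before any untrusted import can happen.
    """
    cwd = os.path.realpath(cwd or os.getcwd())
    cleaned = []
    for entry in path:
        if entry == "":  # the empty string means "current directory" to the importer
            continue
        if os.path.realpath(entry) == cwd:  # covers '.', './' and the absolute cwd
            continue
        cleaned.append(entry)
    return cleaned


def cwd_is_first(path, cwd=None):
    """True when the first search entry is the implicit current directory
    (the exact condition the CVE text describes)."""
    return bool(path) and sanitize_sys_path(path[:1], cwd) == []


def shadowing_modules(directory, names):
    """Return the names in `names` for which `directory` holds a same-named
    .py file or package, i.e. files that would win the import lookup if that
    directory were at sys.path[0]."""
    hits = []
    for name in names:
        candidate = os.path.join(directory, name)
        as_module = os.path.isfile(candidate + ".py")
        as_package = os.path.isfile(os.path.join(candidate, "__init__.py"))
        if as_module or as_package:
            hits.append(name)
    return sorted(hits)
```

In an embedding application the equivalent of `sanitize_sys_path` runs once, right after the interpreter is initialised and before any plugin or script is imported.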

To manage notifications about this bug go to:
https://bugs.launchpad.net/gedit/+bug/322196/+subscriptions