* bug#53670: ipython CVE-2022-21699
@ 2022-01-31 20:28 Leo Famulari
2022-05-14 5:23 ` Maxim Cournoyer
0 siblings, 1 reply; 2+ messages in thread
From: Leo Famulari @ 2022-01-31 20:28 UTC (permalink / raw)
To: 53670
Python (Interactive Python) is a command shell for interactive computing
in multiple programming languages, originally developed for the Python
programming language. Affected versions are subject to an arbitrary code
execution vulnerability achieved by not properly managing cross user
temporary files. This vulnerability allows one user to run code as
another on the same machine.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x
^ permalink raw reply [flat|nested] 2+ messages in thread
* bug#53670: ipython CVE-2022-21699
2022-01-31 20:28 bug#53670: ipython CVE-2022-21699 Leo Famulari
@ 2022-05-14 5:23 ` Maxim Cournoyer
0 siblings, 0 replies; 2+ messages in thread
From: Maxim Cournoyer @ 2022-05-14 5:23 UTC (permalink / raw)
To: Leo Famulari; +Cc: 53670-done
Hi,
Leo Famulari <leo@famulari.name> writes:
> Python (Interactive Python) is a command shell for interactive computing
> in multiple programming languages, originally developed for the Python
> programming language. Affected versions are subject to an arbitrary code
> execution vulnerability achieved by not properly managing cross user
> temporary files. This vulnerability allows one user to run code as
> another on the same machine.
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
> https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x
Fixed with 1c8264d62e16f404786d9b526511cea29138ab9f.
Thanks for the report!
Maxim
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-05-14 5:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-31 20:28 bug#53670: ipython CVE-2022-21699 Leo Famulari
2022-05-14 5:23 ` Maxim Cournoyer
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.