all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
* bug#53670: ipython CVE-2022-21699
@ 2022-01-31 20:28 Leo Famulari
  2022-05-14  5:23 ` Maxim Cournoyer
  0 siblings, 1 reply; 2+ messages in thread
From: Leo Famulari @ 2022-01-31 20:28 UTC (permalink / raw)
  To: 53670

Python (Interactive Python) is a command shell for interactive computing
in multiple programming languages, originally developed for the Python
programming language. Affected versions are subject to an arbitrary code
execution vulnerability achieved by not properly managing cross user
temporary files. This vulnerability allows one user to run code as
another on the same machine. 

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x




^ permalink raw reply	[flat|nested] 2+ messages in thread
* bug#53670: ipython CVE-2022-21699
  2022-01-31 20:28 bug#53670: ipython CVE-2022-21699 Leo Famulari
@ 2022-05-14  5:23 ` Maxim Cournoyer
  0 siblings, 0 replies; 2+ messages in thread
From: Maxim Cournoyer @ 2022-05-14  5:23 UTC (permalink / raw)
  To: Leo Famulari; +Cc: 53670-done

Hi,

Leo Famulari <leo@famulari.name> writes:

> Python (Interactive Python) is a command shell for interactive computing
> in multiple programming languages, originally developed for the Python
> programming language. Affected versions are subject to an arbitrary code
> execution vulnerability achieved by not properly managing cross user
> temporary files. This vulnerability allows one user to run code as
> another on the same machine. 
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
> https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x

Fixed with 1c8264d62e16f404786d9b526511cea29138ab9f.

Thanks for the report!

Maxim




^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-05-14  5:24 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-31 20:28 bug#53670: ipython CVE-2022-21699 Leo Famulari
2022-05-14  5:23 ` Maxim Cournoyer

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.