Debian Security Advisory 5065-1

Debian Security Advisory 5065-1: Posted Jan 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5065-1 - It was discovered that IPython, an enhanced interactive Python shell, executed config files from the current working directory, which could result in cross-user attacks if run from a directory multiple users may write to.; tags | advisory, shell, python; systems | linux, debian; advisories | CVE-2022-21699; SHA-256 | db9e1564b2441223f7584efd377fd922cb517e83f99f36f78b8b6741e48fd53e; Download | Favorite | View

Debian Security Advisory 5065-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5065-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
January 31, 2022                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : ipython
CVE ID         : CVE-2022-21699

It was discovered that IPython, an enhanced interactive Python shell,
executed config files from the current working directory, which could
result in cross-user attacks if run from a directory multiple users
may write to.

For the oldstable distribution (buster), this problem has been fixed
in version 5.8.0-1+deb10u1.

For the stable distribution (bullseye), this problem has been fixed in
version 7.20.0-1+deb11u1.

We recommend that you upgrade your ipython packages.

For the detailed security status of ipython please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ipython

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmH4PYgACgkQEMKTtsN8
TjY8vw//d1FA/8Q7ysEl6ztpU7bDmJ+xQ3zKKL/N7usjY4WxDSxzdiSfSdzQNSLC
DZEUezNCB4Y7ojBuH4I1bvf7aHTTetGTBqgdqlZ9hEdTxSrkkz2u1HyzkyxUlhfj
Zt+SnSX2xckcRHv1jV0bv45h1Mv1WPNm6yeixVVTZ3KBYMwzax44yWKji4iPa9r2
uEECeStNONAC+h4bs10FQBN5FvcNlj047ocUkuZUzCKp6eEhOlpDYCY45Hhf2HNI
IQ3Kh5a2vulXugUGo9zduxvnkJmSMzITc4Y8aIXnbZKqGl04Xg4FoAt4oe5+Z3tS
Ug+BvIAlDHzuevI4ghnLe/QJ+uDYcmmEB1dotiCb1BQrGAZ8XDGFkh3nR+Vxw4OO
l4BgjMAY14MrpWrcViwUEiAY3f3OuYnDoCPmWDuNyC1z5d33NIVEBmbqk/6jmaNR
wNAHLktw5LA4v9LlpAUae0qBu6N0rl+CJVgazZGMTfXmnWDy2YZRtBtD1jd6FjDw
3+uAl4XldXxOAGJONBT/izdY2te1xPupTKCDZK4jdAvvp+SoP+cG8m1BHv3x6rGF
/kQJJZl4Tqd+83WTPBV4mHiSqs4Wb+yOPKWJLaIhOkcnLANq4MDMua/IVgBC+x/V
y6sd+3jJ93K/E6Qs2lhwThpt0CfylG1xnST43KZYBPe2lk4gf9Y=
=gyVd
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Debian Security Advisory 5065-1

Debian Security Advisory 5065-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5065-1

Share This

Debian Security Advisory 5065-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems