bug#53670: closed (ipython CVE-2022-21699)

emacs-bug-tracker

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#53670: closed (ipython CVE-2022-21699)

From:	GNU bug Tracking System
Subject:	bug#53670: closed (ipython CVE-2022-21699)
Date:	Sat, 14 May 2022 05:24:01 +0000

Your message dated Sat, 14 May 2022 01:23:43 -0400
with message-id <87mtfkn0v4.fsf@gmail.com>
and subject line Re: bug#53670: ipython CVE-2022-21699
has caused the debbugs.gnu.org bug report #53670,
regarding ipython CVE-2022-21699
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
53670: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=53670
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

--- Begin Message --- Subject: ipython CVE-2022-21699 Date: Mon, 31 Jan 2022 15:28:21 -0500

Python (Interactive Python) is a command shell for interactive computing
in multiple programming languages, originally developed for the Python
programming language. Affected versions are subject to an arbitrary code
execution vulnerability achieved by not properly managing cross user
temporary files. This vulnerability allows one user to run code as
another on the same machine. 

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x

--- End Message ---

--- Begin Message --- Subject: Re: bug#53670: ipython CVE-2022-21699 Date: Sat, 14 May 2022 01:23:43 -0400 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Hi,

Leo Famulari <leo@famulari.name> writes:

> Python (Interactive Python) is a command shell for interactive computing
> in multiple programming languages, originally developed for the Python
> programming language. Affected versions are subject to an arbitrary code
> execution vulnerability achieved by not properly managing cross user
> temporary files. This vulnerability allows one user to run code as
> another on the same machine. 
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
> https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x

Fixed with 1c8264d62e16f404786d9b526511cea29138ab9f.

Thanks for the report!

Maxim

--- End Message ---

[Prev in Thread]

Current Thread

[Next in Thread]

bug#53670: closed (ipython CVE-2022-21699), GNU bug Tracking System <=

Prev by Date: bug#35780: closed (texlive-latex-polyglossia package empty)
Next by Date: bug#41896: closed (texlive-union for python-matplotlib-documentation and python-ipython-documentation fail)
Previous by thread: bug#35780: closed (texlive-latex-polyglossia package empty)
Next by thread: bug#41896: closed (texlive-union for python-matplotlib-documentation and python-ipython-documentation fail)
Index(es):
- Date
- Thread