bug#53670: ipython CVE-2022-21699

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#53670: ipython CVE-2022-21699

From:	Maxim Cournoyer
Subject:	bug#53670: ipython CVE-2022-21699
Date:	Sat, 14 May 2022 01:23:43 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

Hi,

Leo Famulari <leo@famulari.name> writes:

> Python (Interactive Python) is a command shell for interactive computing
> in multiple programming languages, originally developed for the Python
> programming language. Affected versions are subject to an arbitrary code
> execution vulnerability achieved by not properly managing cross user
> temporary files. This vulnerability allows one user to run code as
> another on the same machine. 
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21699
> https://github.com/ipython/ipython/security/advisories/GHSA-pq7m-3gw7-gq5x

Fixed with 1c8264d62e16f404786d9b526511cea29138ab9f.

Thanks for the report!

Maxim

[Prev in Thread]

Current Thread

[Next in Thread]

bug#53670: ipython CVE-2022-21699, Maxim Cournoyer <=

Prev by Date: bug#35780: texlive-latex-polyglossia package empty
Next by Date: bug#41896: texlive-union for python-matplotlib-documentation and python-ipython-documentation fail
Previous by thread: bug#35780: texlive-latex-polyglossia package empty
Next by thread: bug#41896: texlive-union for python-matplotlib-documentation and python-ipython-documentation fail
Index(es):
- Date
- Thread