Viewing all changes in revision 2010.
- Committer: Martin Pitt
- Date: 2015-10-27 13:18:01 UTC
- Revision ID: martin.pitt@canonical.com-20151027131801-05x7jpa3ev4n42b6
SECURITY FIX: When determining the path of a Python module for a program
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)
like "python -m module_name", avoid actually importing and running the
module; this could lead to local root privilege escalation. Thanks to
Gabriel Campana for discovering this and the fix!
(CVE-2015-1341, LP: #1507480)
- files modified:
- apport/report.py
expand all
collapse all
added
removed
