TEMP-0605160-28DAD2

NameTEMP-0605160-28DAD2
Descriptioninsecure python path handling
SourceAutomatically generated temporary name. Not for external reference.
Debian Bugs605150, 605151, 605152, 605153, 605157, 605158, 605159, 605160, 605161, 605163, 605168, 605169

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
calendarserver (PTS)buster9.2+dfsg-1fixed
distcc (PTS)buster3.3.2-10+deb10u1fixed
bullseye3.4+really3.3.5-3fixed
bookworm, sid3.4+really3.4-3fixed
gnumed-client (PTS)buster1.7.5+dfsg-3fixed
bullseye1.8.5+dfsg-2fixed
bookworm, sid1.8.9+dfsg-1fixed
guake (PTS)buster3.4.0-1fixed
bullseye3.6.3-2fixed
bookworm, sid3.9.0-2fixed
mmass (PTS)buster5.5.0-5fixed
opendnssec (PTS)buster1:2.1.3-2fixed
bullseye1:2.1.7-2fixed
bookworm, sid1:2.1.12-2fixed
pymca (PTS)buster5.4.3+dfsg-1fixed
bullseye5.6.3+dfsg-1fixed
bookworm, sid5.8.0+dfsg-2fixed
snappea (PTS)buster3.0d3-24fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
calendarserversource(unstable)2.4.dfsg-2.1low605157
distccsourcelenny(not affected)
distccsource(unstable)3.1-3.2low605168
dlr-languagessource(unstable)20090805+git.e6b28d27+dfsg-3low605158
gnome-schedulesource(unstable)2.1.1-3.1low605169
gnumed-clientsourcesqueeze0.7.10-1
gnumed-clientsource(unstable)0.8.5-1low605159
gquiltsourcelenny0.20-2+lenny1
gquiltsource(unstable)0.22-1.1low605152
guakesource(unstable)0.4.2-3low605163
mmasssourcesqueeze(not affected)
mmasssource(unstable)3.8.0-2low605150
opendnssecsource(unstable)1.1.3-2low605161
pybliographersourcesqueeze1.2.12-4squeeze1
pybliographersource(unstable)1.2.14-3low605153
pymcasource(unstable)4.4.1p1-1low605160
snappeasource(unstable)3.0d3-20low605151

Notes

[lenny] - calendarserver <no-dsa> (Minor issue)
[lenny] - snappea <no-dsa> (Minor issue)
[lenny] - ironpython <no-dsa> (Minor issue)
[lenny] - gnome-schedule <no-dsa> (Minor issue)
[lenny] - gnumed-client <no-dsa> (Minor issue)
[lenny] - distcc <not-affected> (Vulnerable code not present)
[squeeze] - mmass <not-affected> (Doesn't set PYTHONPATH)
Search for package or bug name: Reporting problems