TEMP-0605160-28DAD2

NameTEMP-0605160-28DAD2
Descriptioninsecure python path handling
SourceAutomatically generated temporary name. Not for external reference.
Debian Bugs605150, 605151, 605152, 605153, 605157, 605158, 605159, 605160, 605161, 605163, 605168, 605169

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
calendarserver (PTS)buster9.2+dfsg-1fixed
distcc (PTS)jessie3.1-6.1fixed
stretch3.1-6.2fixed
buster3.3.2-10+deb10u1fixed
bullseye3.4+really3.3.5-3fixed
bookworm3.4+really3.4-3fixed
sid, trixie3.4+really3.4-9fixed
gnome-schedule (PTS)jessie2.1.1-4fixed
gnumed-client (PTS)jessie1.4.12+dfsg-1fixed
stretch1.6.11+dfsg-3fixed
buster1.7.5+dfsg-3fixed
bullseye1.8.5+dfsg-2fixed
bookworm1.8.9+dfsg-1fixed
sid, trixie1.8.19+dfsg-1fixed
gquilt (PTS)jessie, stretch0.25-4fixed
guake (PTS)jessie0.4.4-1fixed
stretch0.8.8-1fixed
buster3.4.0-1fixed
bullseye3.6.3-2fixed
bookworm3.9.0-2fixed
sid, trixie3.10-2fixed
mmass (PTS)jessie5.5.0-4fixed
buster, stretch5.5.0-5fixed
opendnssec (PTS)jessie1:1.4.6-6fixed
stretch1:2.0.4-3fixed
buster1:2.1.3-2fixed
bullseye1:2.1.7-2fixed
bookworm1:2.1.12-2fixed
sid, trixie1:2.1.13-1.2fixed
pybliographer (PTS)jessie, stretch1.2.16-1fixed
pymca (PTS)jessie4.7.4+dfsg-1fixed
stretch5.1.3+dfsg-1fixed
buster5.4.3+dfsg-1fixed
bullseye5.6.3+dfsg-1fixed
bookworm5.8.0+dfsg-2fixed
sid, trixie5.9.3+dfsg-1fixed
snappea (PTS)jessie3.0d3-23fixed
buster, stretch3.0d3-24fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
calendarserversource(unstable)2.4.dfsg-2.1low605157
distccsourcelenny(not affected)
distccsource(unstable)3.1-3.2low605168
dlr-languagessource(unstable)20090805+git.e6b28d27+dfsg-3low605158
gnome-schedulesource(unstable)2.1.1-3.1low605169
gnumed-clientsourcesqueeze0.7.10-1
gnumed-clientsource(unstable)0.8.5-1low605159
gquiltsourcelenny0.20-2+lenny1
gquiltsource(unstable)0.22-1.1low605152
guakesource(unstable)0.4.2-3low605163
mmasssourcesqueeze(not affected)
mmasssource(unstable)3.8.0-2low605150
opendnssecsource(unstable)1.1.3-2low605161
pybliographersourcesqueeze1.2.12-4squeeze1
pybliographersource(unstable)1.2.14-3low605153
pymcasource(unstable)4.4.1p1-1low605160
snappeasource(unstable)3.0d3-20low605151

Notes

[lenny] - calendarserver <no-dsa> (Minor issue)
[lenny] - snappea <no-dsa> (Minor issue)
[lenny] - ironpython <no-dsa> (Minor issue)
[lenny] - gnome-schedule <no-dsa> (Minor issue)
[lenny] - gnumed-client <no-dsa> (Minor issue)
[lenny] - distcc <not-affected> (Vulnerable code not present)
[squeeze] - mmass <not-affected> (Doesn't set PYTHONPATH)
Search for package or bug name: Reporting problems