Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 531
Alerts This Week
Warning Icon 1 531

Fedora 21: 2015-14901 Critical Update for ipython XSS Issue

fedora
Calendar Grey September 18, 2015
Scroller Fedora
Fedora 21 has issued an update for ipython, resolving an XSS vulnerability with an upstream patch. Details available.
Add upstream patch to fix XSS vulnerability (bug #1259405)

Summary

IPython provides a replacement for the interactive Python interpreter with

extra functionality.

Main features:

* Comprehensive object introspection.

* Input history, persistent across sessions.

* Caching of output results during a session with automatically generated

references.

* Readline based name completion.

* Extensible system of 'magic' commands for controlling the environment and

performing many tasks related either to IPython or the operating system.

* Configuration system with easy switching between different setups (simpler

than changing $PYTHONSTARTUP environment variables every time).

* Session logging and reloading.

* Extensible syntax processing for special purpose situations.

* Access to the system shell with user-extensible alias system.

* Easily embeddable in other Python programs.

* Integrated access to the pdb debugger and the Python profiler.

Update Information:

Add upstream patch to fix XSS vulnerability (bug #1259405)

Change Log

References


[ 1 ] Bug #1259405 - CVE-2015-6938 ipython: XSS via local folder name https://bugzilla.redhat.com/show_bug.cgi?id=1259405

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: ipython
Product: Fedora 21
Version: 2.4.1
Release: 8.fc21
Summary: An enhanced interactive Python shell

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.