Fedora 23: ipython Security Update
Summary
IPython provides a replacement for the interactive Python interpreter with
extra functionality.
Main features:
* Comprehensive object introspection.
* Input history, persistent across sessions.
* Caching of output results during a session with automatically generated
references.
* Readline based name completion.
* Extensible system of 'magic' commands for controlling the environment and
performing many tasks related either to IPython or the operating system.
* Configuration system with easy switching between different setups (simpler
than changing $PYTHONSTARTUP environment variables every time).
* Session logging and reloading.
* Extensible syntax processing for special purpose situations.
* Access to the system shell with user-extensible alias system.
* Easily embeddable in other Python programs.
* Integrated access to the pdb debugger and the Python profiler.
Update Information:
Add upstream patch to fix file execution vulnerability (bug #1264067) ---- Add upstream patch to fix XSS vulnerability (bug #1259405)
Change Log
References
[ 1 ] Bug #1264067 - CVE-2015-7337 ipython: Maliciously crafted files can be executed due to wrong file type determination https://bugzilla.redhat.com/show_bug.cgi?id=1264067 [ 2 ] Bug #1259405 - CVE-2015-6938 ipython: XSS via local folder name https://bugzilla.redhat.com/show_bug.cgi?id=1259405
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at .