Ubuntu 25.10 jaraco.context Critical File Overwrite Threat USN-7979-1
ubuntu
January 27, 2026
jaraco.context could be made to overwrite files.
Summary
jaraco.context could be made to overwrite files.
Software Description:
- jaraco.context: context managers extending functionality of Python's contextlib
Details:
It was discovered that jaraco.context incorrectly handled certain zip file
paths. An attacker could possibly use this issue to extract arbitrary files
outside of the intented extraction directory.
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 python3-jaraco.context 6.0.1-1ubuntu0.1 In general, a standard system update will make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-7979-1
CVE-2026-23949
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Ubuntu Security Notice USN-7979-1
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!