Ubuntu 2618-1: python-dbusmock vulnerability

    Date21 May 2015
    CategoryUbuntu
    54
    Posted ByLinuxSecurity Advisories
    python-dbusmock could be tricked into running arbitrary programs.
    ==========================================================================
    Ubuntu Security Notice USN-2618-1
    May 21, 2015
    
    python-dbusmock vulnerability
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 15.04
    - Ubuntu 14.10
    - Ubuntu 14.04 LTS
    
    Summary:
    
    python-dbusmock could be tricked into running arbitrary programs.
    
    Software Description:
    - python-dbusmock: mock D-Bus objects for tests
    
    Details:
    
    It was discovered that python-dbusmock incorrectly handled template
    loading from shared directories. A local attacker could possibly use this
    issue to execute arbitrary code.
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 15.04:
      python-dbusmock                 0.14-1ubuntu2
      python3-dbusmock                0.14-1ubuntu2
    
    Ubuntu 14.10:
      python-dbusmock                 0.11.4-1ubuntu1
      python3-dbusmock                0.11.4-1ubuntu1
    
    Ubuntu 14.04 LTS:
      python-dbusmock                 0.10.1-1ubuntu1
      python3-dbusmock                0.10.1-1ubuntu1
    
    In general, a standard system update will make all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-2618-1
      CVE-2015-1326
    
    Package Information:
      https://launchpad.net/ubuntu/+source/python-dbusmock/0.14-1ubuntu2
      https://launchpad.net/ubuntu/+source/python-dbusmock/0.11.4-1ubuntu1
      https://launchpad.net/ubuntu/+source/python-dbusmock/0.10.1-1ubuntu1
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"22","type":"x","order":"1","pct":55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.5,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":32.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.