Setuptools could be made to write files to arbitrary locations on the
filesystem.
Software Description:
- setuptools: Python Distutils Enhancements (documentation)
- python-setuptools: Python Distutils Enhancements
Details:
It was discovered that setuptools did not properly sanitize paths. An
attacker could possibly use this issue to write files to arbitrary
locations on the filesystem.
The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 python3-setuptools 75.8.0-1ubuntu1 Ubuntu 24.10 python3-setuptools 74.1.2-1ubuntu0.1 Ubuntu 24.04 LTS python3-setuptools 68.1.2-2ubuntu1.2 Ubuntu 22.04 LTS pypy-setuptools 44.1.1-1.2ubuntu0.22.04.1+esm2 Available with Ubuntu Pro python-setuptools 44.1.1-1.2ubuntu0.22.04.1+esm2 Available with Ubuntu Pro python3-setuptools 59.6.0-1.2ubuntu0.22.04.3 Ubuntu 20.04 LTS pypy-setuptools 44.0.0-2ubuntu0.1+esm2 Available with Ubuntu Pro python-setuptools 44.0.0-2ubuntu0.1+esm2 Available with Ubuntu Pro python3-setuptools 45.2.0-1ubuntu0.3 Ubuntu 18.04 LTS pypy-setuptools 39.0.1-2ubuntu0.1+esm2 Available with Ubuntu Pro python-setuptools 39.0.1-2ubuntu0.1+esm2 Available with Ubuntu Pro python3-setuptools 39.0.1-2ubuntu0.1+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS pypy-setuptools 20.7.0-1ubuntu0.1~esm3 Available with Ubuntu Pro python-setuptools 20.7.0-1ubuntu0.1~esm3 Available with Ubuntu Pro python3-setuptools 20.7.0-1ubuntu0.1~esm3 Available with Ubuntu Pro Ubuntu 14.04 LTS python-setuptools 3.3-1ubuntu2+esm3 Available with Ubuntu Pro python3-setuptools 3.3-1ubuntu2+esm3 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-7544-1
CVE-2025-47273
Get the latest Linux and open source security news straight to your inbox.