Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Ubuntu 22.04 LTS Security Advisory: Setuptools Arbitrary Write Issue

ubuntu
Calendar Grey May 28, 2025
Dist Ubuntu Esm H88
A potential security flaw in Setuptools on Ubuntu might allow unauthorized file writes to various locations. Below are the instructions for updating your system to mitigate this issue.
Setuptools could be made to write files to arbitrary locations on the filesystem.

Summary

Setuptools could be made to write files to arbitrary locations on the

filesystem.

Software Description:

- setuptools: Python Distutils Enhancements (documentation)

- python-setuptools: Python Distutils Enhancements

Details:

It was discovered that setuptools did not properly sanitize paths. An

attacker could possibly use this issue to write files to arbitrary

locations on the filesystem.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
   python3-setuptools              75.8.0-1ubuntu1

Ubuntu 24.10
   python3-setuptools              74.1.2-1ubuntu0.1

Ubuntu 24.04 LTS
   python3-setuptools              68.1.2-2ubuntu1.2

Ubuntu 22.04 LTS
   pypy-setuptools                 44.1.1-1.2ubuntu0.22.04.1+esm2
                                   Available with Ubuntu Pro
   python-setuptools               44.1.1-1.2ubuntu0.22.04.1+esm2
                                   Available with Ubuntu Pro
   python3-setuptools              59.6.0-1.2ubuntu0.22.04.3

Ubuntu 20.04 LTS
   pypy-setuptools                 44.0.0-2ubuntu0.1+esm2
                                   Available with Ubuntu Pro
   python-setuptools               44.0.0-2ubuntu0.1+esm2
                                   Available with Ubuntu Pro
   python3-setuptools              45.2.0-1ubuntu0.3

Ubuntu 18.04 LTS
   pypy-setuptools                 39.0.1-2ubuntu0.1+esm2
                                   Available with Ubuntu Pro
   python-setuptools               39.0.1-2ubuntu0.1+esm2
                                   Available with Ubuntu Pro
   python3-setuptools              39.0.1-2ubuntu0.1+esm2
                                   Available with Ubuntu Pro

Ubuntu 16.04 LTS
   pypy-setuptools                 20.7.0-1ubuntu0.1~esm3
                                   Available with Ubuntu Pro
   python-setuptools               20.7.0-1ubuntu0.1~esm3
                                   Available with Ubuntu Pro
   python3-setuptools              20.7.0-1ubuntu0.1~esm3
                                   Available with Ubuntu Pro

Ubuntu 14.04 LTS
   python-setuptools               3.3-1ubuntu2+esm3
                                   Available with Ubuntu Pro
   python3-setuptools              3.3-1ubuntu2+esm3
                                   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

  https://ubuntu.com/security/notices/USN-7544-1

  CVE-2025-47273

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7544-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here