Stay Secure with the Latest Linux Advisories

security advisoryFedorabug fix

Fedora 22: 2015-11677 Critical Security Fix for IPython CSRF Flaw

Fix CSRF issue. - Fix font-awesome paths (bug #1219956) - Add upstream patch to fix PyQt4 import (bug #1219997) - Use python2 macros, fix python3 shebang fix Fix fontawesome path. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-11677 2015-07-17 23:25:23 -------------------------------------------------------------------------------- Name : ipython Product : Fedora 22 Version : 2.4.1 Release : 7.fc22 URL : https://ipython.org/ Summary : An enhanced interactive Python shell Description : IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: * Comprehensive object introspection. * Input history, persistent across sessions. * Caching of output results during a session with automatically generated references. * Readline based name completion. * Extensible system of 'magic' commands for controlling the environment and performing many tasks related either to IPython or the operating system. * Configuration system with easy switching between different setups (simpler than changing $PYTHONSTARTUP environment variables every time). * Session logging and reloading. * Extensible syntax processing for special purpose situations. * Access to the system shell with user-extensible alias system. * Easily embeddable in other Python programs. * Integrated access to the pdb debugger and the Python profiler. -------------------------------------------------------------------------------- Update Information: Fix CSRF issue. - Fix font-awesome paths (bug #1219956) - Add upstream patch to fix PyQt4 import (bug #1219997) - Use python2 macros, fix python3 shebang fix Fix fontawesome path -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 16 2015 Orion Poplawski - 2.4.1-7 - Update to 2.x to fix CSRF issue (bug #1243842) * Mon Jul 13 2015 Orion Poplawski - 2.4.1-6 - Fix fontawesomepath -------------------------------------------------------------------------------- References: [ 1 ] Bug #1243842 - CVE-2015-5607 iptyhon: cross-site request forgery in get_origin() https://bugzilla.redhat.com/show_bug.cgi?id=1243842 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipython' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . The latest security patch for IPython on Fedora 22 tackles a serious CSRF vulnerability and fixes path inconsistencies, enhancing app reliability and efficiency. ipython, Fedora, CSRF Fix, Security Update, Bug Fix. . Severity: Critical. LinuxSecurity.com Team

Jul 30, 2015 •Critical Fedora