** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pygobject-2 in Ubuntu.
https://bugs.launchpad.net/bugs/1513964
Title:
dsextras.py : Shell Command Injecti
Seems the bug is already known and fixed since 2014 but has not found its way
to the Ubuntu repos.
http://bugs.python.org/issue22636
** Information type changed from Private Security to Public Security
** Bug watch added: Python Roundup #22636
http://bugs.python.org/issue22636
--
@Marc
Yes, if some application has a bug, for example MintNanny:
https://bugs.launchpad.net/linuxmint/+bug/1460835
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1507025
Tit
Reported to Upstream :
http://bugs.python.org/issue25627
** Bug watch added: Python Roundup #25627
http://bugs.python.org/issue25627
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchp
Hello Tyler,
I only used the setup script because the distutils.core.setup() function takes
such a large number of arguments, so it's easier to read than in one single
line of code.
No, I haven't reported this issue to upstream.
--
*** This bug is a security vulnerability ***
Public security bug reported:
File :
/usr/lib/python2.7/distutils/command/bdist_rpm.py
Line 358 :
This line in the code uses the deprecated os.popen command, should be replaced
with subprocess.Popen() :
out = os.popen(q_cmd)
Exploit demo :
Public bug reported:
https://github.com/Legrandin/ctypes/issues/1
The find_library() function can execute code when special chars like ;|`<>$ are
in the name.
The "os.popen()" calls in the util.py script should be replaced with
"subprocess.Popen()".
Demo Exploits for Linux :
==
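#! /bin/sh
# run this as root early in the boot order. No other script like hostname.sh
# should run later
# '-' is placed last in the bracket expression so sed reads it literally ('\' is not an escape there)
HOSTNAME="$(hostname | sed 's/[^A-Za-z0-9_.-]/x/g')"; hostname "$HOSTNAME"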
--
script
** Attachment added: "changehostname.sh"
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1507025/+attachment/4510099/+files/changehostname.sh
--
Workaround ...
To make my modified "hostname.sh" script run at startup, I changed the file
/etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order t
That's better ... (the "-" was wrong in my previous posting)
HOSTNAME="${HOSTNAME//[^A-Za-z0-9_\-]/x}"
I attached a modified hostname.sh which uses bash.
It can be started manually with
sudo /etc/init.d/hostname.sh start
The command should somehow run at startup ... but does not by default?
*
Patch :
HOSTNAME=${HOSTNAME//[^A-Za-z0-9-_]/_}
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/1507025
Title:
Shell Command Injection with the hostname
Status in bash packag
German demo video
https://www.youtube.com/watch?v=qYuVzHsklS8
--
typo ... the path is
/etc/init.d/hostname.sh
--
I agree,
I think the hostname should be in the hands of the kernel only.
It should not be overwritten by /etc/hostname.sh.
--
** Attachment removed: "Dependencies.txt"
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1507025/+attachment/4497264/+files/Dependencies.txt
** Attachment removed: "JournalErrors.txt"
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1507025/+attachment/4497265/+files/JournalErrors.
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python2.7 in Ubuntu.
https://bugs.launchpad.net/bugs/1462470
Title:
pydoc.py uses old netscape navigator
Status in
Public bug reported:
File :
/usr/lib/python2.7/pydoc.py
line : 2216 ... 2226
pydoc.py uses old Netscape Navigator when the webbrowser module cannot
be imported:
And it is vulnerable to shell command injection too,
because it uses os.system() which allows shell commands in the parameter "url".