oss-sec mailing list archives
Re: CVE request: python-gnupg before 0.3.5 shell injection
From: Hanno Böck <hanno () hboeck de>
Date: Thu, 6 Feb 2014 09:52:07 +0100
Upstream has now released 0.3.6: Fixed Issue #98 : Rectified problems with earlier fix for shell injection. https://code.google.com/p/python-gnupg/ CVE request is still pending. I think we now need two: 1. Shell injection partly fixed in 0.3.5. 2. Incomplete fix for shell injection fixed in 0.3.6. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
signature.asc
Description:
Current thread:
- CVE request: python-gnupg before 0.3.5 shell injection Hanno Böck (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Vinay Sajip (Feb 05)
- Re: Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 05)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Vinay Sajip (Feb 05)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Florian Weimer (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection Henri Salo (Feb 04)
- Re: CVE request: python-gnupg before 0.3.5 shell injection cve-assign (Feb 09)
- Re: Re: CVE request: python-gnupg before 0.3.5 shell injection Simon McVittie (Feb 10)
- Re: CVE request: python-gnupg before 0.3.5 shell injection cve-assign (Feb 12)