A CVE was requested for a security issue in IPython: http://www.openwall.com/lists/oss-security/2015/07/12/4 The message above has links to commits to fix the issue in the 2.x and 3.x branches, but older versions are also affected (including the one in Mageia 4). Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA5TOO, MGA4TOO
ok for cauldron and Mga5, but for Mga4, I don't see how to backport, sorry
packages in 5/core/updates_testing : python3-ipython-2.3.0-2.2.mga5.noarch ipython-2.3.0-2.2.mga5.src ipython-2.3.0-2.2.mga5.noarch ipython-doc-2.3.0-2.2.mga5.noarch Cauldron updated to 3.2.1
Would it hurt to update Mageia 4 to a newer version? I don't know enough about IPython to say.
Version: Cauldron => 5Whiteboard: MGA5TOO, MGA4TOO => MGA4TOO
(In reply to David Walser from comment #3) > Would it hurt to update Mageia 4 to a newer version? I don't know enough > about IPython to say. That's what I'm investigating now
reading "Backwards incompatible changes" in http://ipython.org/ipython-doc/3/whatsnew/version2.0.html I see no big problems so here it is : packages in 4/core/updates_testing : ipython-2.3.0-1.mga4.noarch ipython-2.3.0-1.mga4.src
Depends on: (none) => 16183
CVE-2015-5607 assigned: http://openwall.com/lists/oss-security/2015/07/21/3
Summary: ipython new security issue fixed upstream in 3.2.1 => ipython new security issue fixed upstream in 3.2.1 (CVE-2015-5607)
see previous test procedure in https://bugs.mageia.org/show_bug.cgi?id=13744#c1
Whiteboard: MGA4TOO => MGA4TOO has_procedure
Fedora has issued an advisory for this on July 17: https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162671.html
URL: (none) => http://lwn.net/Vulnerabilities/652942/
Fixed in: http://advisories.mageia.org/MGASA-2015-0300.html
Status: NEW => RESOLVEDResolution: (none) => FIXED