English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 143769 CVE descriptions
and 71225 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  


--------------------------------------------------------------------------
  Turbolinux Security Advisory TLSA-2002-70
  http://www/turbolinux.co.jp/security/
                                            security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Python

Vulnerability of os.py

   Release date : 2002-11-02

   Solution: package : python-2.2-3

   Problem
    * There is a problem in treatment of the temporary file which the os. _execvpe of the os.py uses.
    There is a possibility of an optional command being executed because of the vulnerability.

   Solution:
    Using turbopkg command, please do automatic operation update.
    When there is a necessity only, update is done automatically.

Use the following command to verify the version currently installed.

    # rpm -qa | grep package name

    When automatic operation update is used, those which are presently are installed update all objects.
    Select the package, and use the rpm command to select when you would like to update.

    Execution example
    ---------------------------------------------------------------------
    1. In super user modification
    $ su -

    2. It inputs the password of the super user.
    Password:

    3. Starting the turbopkg
    # turbopkg

    4. Menu selection
    " Update "
    
    " FTP server "
    
    " Update sight "
    
    It selects the optional sight.

    5. In general user modification
    # exit
    ---------------------------------------------------------------------


    < Turbolinux 8 Server >

    Correspondence to be completed

    < Turbolinux 8 Workstation >

    python-2.2-3.i586.rpm
    python-devel-2.2-3.i586.rpm
    python-tools-2.2-3.i586.rpm
    tkinter-2.2-3.i586.rpm

    < Turbolinux 7 Server >
    < Turbolinux 7 Workstation >

    python-2.1.1-3.i586.rpm
    python-devel-2.1.1-3.i586.rpm
    python-tools-2.1.1-3.i586.rpm
    tkinter-2.1.1-3.i586.rpm

    < Turbolinux Server 6.5 >
    < Turbolinux Advanced Server 6 >
    < Turbolinux Server 6.1 >
    < Turbolinux Workstation 6.0 >

    python-1.5.2-15.i386.rpm
    python-devel-1.5.2-15.i386.rpm
    python-docs-1.5.2-15.i386.rpm
    tkinter-1.5.2-15.i386.rpm

    * Upon the maintenance of our company FTP sight, we determined that update of the turbopkg is neccesary. Details the below-mentioned URL reference.
http://www.turbolinux.co.jp/download/zabom.html

Package updates: http://www.turbolinux.co.jp/update/

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.