Date: Tue, 22 Sep 2015 09:42:07 +0200
From: MinRK <benjaminrk@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: Maliciously crafted text files in IPython/Jupyter editor

Is there any more information needed to get a CVE assignment on this?

-MinRK

On Wed, Sep 16, 2015 at 3:02 PM, MinRK <benjaminrk@...il.com> wrote:

> Email address of requester: security@...thon.org, benjaminrk@...il.com,
> rgbkrk@...il.com, jkamens@...ntopian.com, ssanderson@...ntopian.com
>
> Software name: IPython notebook / Jupyter notebook
> Type of vulnerability: Maliciously forged file
> Attack outcome: Possible remote execution
>
> Vulnerability: A maliciously forged file opened for editing can execute
> JavaScript, specifically by being redirected to /files/ due to a failure to
> treat the file as plain text.
>
> Affected versions:
>
> - IPython 3.0 ≤ version ≤ 3.2.1
> - notebook 4.0 ≤ version ≤ 4.0.4
>
> URI with issues:
>
> - GET /edit/**
>
> Patches:
>
> - IPython 3.x: 0a8096adf165e2465550bd5893d7e352544e5967 (
> https://github.com/ipython/ipython/commit/0a8096adf165e2465550bd5893d7e352544e5967
> )
> - Jupyter 4.0.x: 9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b5 (
> https://github.com/jupyter/notebook/commit/9e63dd89b603dfbe3a7e774d8a962ee0fa30c0b5
> )
>
> Mitigations:
>
> Upgrade to IPython/Jupyter notebook 4.0.5, 4.1 or 3.2.2 once available.
> If using pip,
>
>     pip install --upgrade "ipython[notebook]<4.0"  # for 3.2.2
>     pip install --upgrade notebook # for 4.1 or 4.0.5
>
> For conda:
>
>     conda update conda
>     conda update ipython "ipython-notebook<4.0" # for 3.2.2
>     conda update notebook # for 4.1 or 4.0.5
>
> Vulnerability reported by Jonathan Kamens at Quantopian
>
>
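The failure mode the request describes (a file that the editor does not treat as plain text gets bounced to the /files/ download endpoint, which then serves it with an extension-derived Content-Type, so HTML in the file is rendered and its script runs) can be modelled in a few lines. The following is an added illustration, not Jupyter's or IPython's code: the handlers are hypothetical, responses are plain dicts rather than Tornado objects, and the trigger condition (the file fails a strict UTF-8 "is this text?" check) is an assumption, since the advisory only says the file was not treated as plain text. The sample file contents are constructed.

```python
import mimetypes

# Constructed sample: a file a victim might be tricked into opening in the
# editor. The .html extension drives an extension-based MIME guess; the
# trailing 0xFF byte makes it fail a strict UTF-8 text check (assumed trigger).
CRAFTED_NAME = "notes.html"
CRAFTED_BODY = b"<script>alert(document.cookie)</script>\xff"


def is_utf8_text(body):
    """Assumed text check: accept only bytes that decode as UTF-8."""
    try:
        body.decode("utf-8")
        return True
    except UnicodeDecodeError:
        return False


def files_handler(name, body):
    """Models a /files/ download endpoint (hypothetical): Content-Type is
    taken from the file extension, which is what mimetypes.guess_type does."""
    ctype, _ = mimetypes.guess_type(name)
    return {"status": 200,
            "headers": {"Content-Type": ctype or "application/octet-stream"},
            "body": body}


def edit_handler_weak(name, body):
    """Weak form (hypothetical): a file that fails the text check is redirected
    to /files/<name>, so the browser receives it with an extension-derived
    Content-Type instead of text/plain."""
    if not is_utf8_text(body):
        return {"status": 302,
                "headers": {"Location": "/files/" + name},
                "body": b""}
    return {"status": 200,
            "headers": {"Content-Type": "text/plain; charset=utf-8"},
            "body": body}


def edit_handler_fixed(name, body):
    """Hardened form (hypothetical): the editor never delegates to /files/.
    Whatever the bytes are, they go out as text/plain with MIME sniffing
    disabled, so the browser will not interpret them as HTML."""
    text = body.decode("utf-8", errors="replace")
    return {"status": 200,
            "headers": {"Content-Type": "text/plain; charset=utf-8",
                        "X-Content-Type-Options": "nosniff"},
            "body": text.encode("utf-8")}


def fetch(handler, name, body):
    """Follow at most one redirect, as a browser would, and return the final
    response the browser actually renders."""
    resp = handler(name, body)
    if resp["status"] == 302:
        location = resp["headers"]["Location"]
        if not location.startswith("/files/"):
            raise ValueError("unexpected redirect target: " + location)
        resp = files_handler(location[len("/files/"):], body)
    return resp


def browser_runs_scripts(resp):
    """Coarse browser model: scripts run only when the final Content-Type is
    text/html and the body carries a script tag. Real browsers may also sniff
    ambiguous types, which is why the hardened handler sends nosniff too."""
    ctype = resp["headers"].get("Content-Type", "")
    return (ctype.split(";")[0].strip() == "text/html"
            and b"<script" in resp["body"])


if __name__ == "__main__":
    for label, handler in (("weak", edit_handler_weak),
                           ("fixed", edit_handler_fixed)):
        resp = fetch(handler, CRAFTED_NAME, CRAFTED_BODY)
        print(label, resp["headers"]["Content-Type"],
              "scripts run:", browser_runs_scripts(resp))
```

The check worth carrying over to a real deployment is the last one: request a crafted file through the editor URL, follow the redirect if any, and confirm the final response is text/plain with X-Content-Type-Options: nosniff rather than an extension-guessed type.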
