1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5422-1] jupyter-core security update

    From Aron Xu@21:1/5 to All on Fri Jun 9 09:30:01 2023
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5422-1 security@debian.org https://www.debian.org/security/ Aron Xu
    June 09, 2023 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : jupyter-core
    CVE ID : CVE-2022-39286
    Debian Bug : 1023361

    It was discovered that jupyter-core, the core common functionality for
    Jupyter projects, could execute arbitrary code in the current working
    directory while loading configuration files.

    For the stable distribution (bullseye), this problem has been fixed in
    version 4.7.1-1+deb11u1.

    We recommend that you upgrade your jupyter-core packages.

    For the detailed security status of jupyter-core please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/jupyter-core

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmSC094ACgkQO1LKKgqv 2VQqmAf7BuaSZZoh8XI6RUFVbwi0NSsFUVY0x4lLIUr49M+qpZoRsUxLAqjeAsqA nLONXNZeqRmL/lCL/4dZ1BvP0D3lW7DaKzP25D9HhamuBMo/8Uvcn/jKhTW+SwXG 5qzJoN1XrHHN9ye/yFUd3em+wgZwlOUWVRAICTmnw0s1IA2Z1Urx5qIOD0wphuPw g2QeluVVXlhUDVm8fd0EHi2LupnukIfe4BnPvKtPPrt6wNYxiUEICrXsf21HV/xq 07J3MmyJwNmJKw4+GhqDVhcbLW/tWwp51ux+nHXoHOR2GVILwVW1+qp24BOo6ecq G2VldohIy0T8eMebBH9ojICKHT+bpA==
    =S5gL
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)