USN-80-1: mod_python vulnerability

11 February 2005

libapache2-mod-python vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 4.10

Software Description

Details

Graham Dumpleton discovered an information disclosure in the “publisher” handle of mod_python. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 4.10
libapache2-mod-python2.2
libapache2-mod-python2.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References