Format: 1.8
Date: Tue, 12 May 2015 13:26:28 +0200
Source: python-dbusmock
Binary: python-dbusmock python3-dbusmock
Architecture: all
Version: 0.10.1-1ubuntu1
Distribution: trusty
Urgency: medium
Maintainer: Ubuntu/amd64 Build Daemon <buildd@allspice.buildd>
Changed-By: Martin Pitt <martin.pitt@ubuntu.com>
Description: 
 python-dbusmock - mock D-Bus objects for tests (Python 2)
 python3-dbusmock - mock D-Bus objects for tests (Python 3)
Launchpad-Bugs-Fixed: 1453815
Changes: 
 python-dbusmock (0.10.1-1ubuntu1) trusty-security; urgency=medium
 .
   * SECURITY FIX: When loading a template from an arbitrary file through the
     AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template()
     Python method, don't create or use Python's *.pyc cached files. By
     tricking a user into loading a template from a world-writable directory
     like /tmp, an attacker could run arbitrary code with the user's
     privileges by putting a crafted .pyc file into that directory.
 .
     Note that this is highly unlikely to actually appear in practice as custom
     dbusmock templates are usually shipped in project directories, not
     directly in world-writable directories.
     (LP: #1453815, CVE-2015-1326)
Checksums-Sha1: 
 df72721c0cbe25ebb0c6217837fcdba94a6ebd89 46958 python-dbusmock_0.10.1-1ubuntu1_all.deb
 b5e7435ca707fb165c487677fbcf77c0ce59407e 47034 python3-dbusmock_0.10.1-1ubuntu1_all.deb
Checksums-Sha256: 
 25291f54eb16bd42750874ba04ef80ca02e5406840b0da5ec17c2a77b9e60e35 46958 python-dbusmock_0.10.1-1ubuntu1_all.deb
 89a451f43d23a51714d2561a90e9c8341db16ccf31cdc411b829e415ecb6a76d 47034 python3-dbusmock_0.10.1-1ubuntu1_all.deb
Files: 
 2160497f1cf983aa5b95408d61d84c17 46958 python optional python-dbusmock_0.10.1-1ubuntu1_all.deb
 354050a74c227e982150af58e40c2c30 47034 python optional python3-dbusmock_0.10.1-1ubuntu1_all.deb
Original-Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>