Bug 845755 (CVE-2013-4251) - VUL-0: CVE-2013-4251: python-scipy: weave /tmp and current directory issues
Summary: VUL-0: CVE-2013-4251: python-scipy: weave /tmp and current directory issues
Status: RESOLVED FIXED
Alias: CVE-2013-4251
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Todd R
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-10-14 11:57 UTC by Marcus Meissner
Modified: 2014-10-21 11:56 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2013-10-14 11:57:11 UTC 
public via rh bugzilla

CVE-2013-4251

weave seems to use things from /tmp and the current directory.

in rh bugzilla:

"I think it would be a good idea to remove the fallback to the current directory in the weave code (which happens if ~/.python26_compiled is not a writable directory).  This looks unsafe when the current directory is not trusted."


SciPy 0.12.1 has been released to fix this issue:

http://sourceforge.net/projects/scipy/files/scipy/0.12.1/
https://github.com/scipy/scipy/commit/bd296e0336420b840fcd2faabb97084fd252a973
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4251
https://bugzilla.redhat.com/show_bug.cgi?id=916690
Comment 1 Swamp Workflow Management 2013-10-14 22:00:23 UTC 
bugbot adjusting priority
Comment 2 Todd R 2013-11-05 18:18:13 UTC 
Version 0.13.0 has been pushed to factory.  If someone wants to update other releases they can do so.
Comment 3 Todd R 2014-10-21 10:18:31 UTC 
This was fixed with a scipy update a while ago.  Is there anything further that needs to be done?
Comment 4 Sebastian Krahmer 2014-10-21 11:56:48 UTC 
Dont think so. closing