Bug 554868 (CVE-2015-5607) - <dev-python/ipython-3.2.1: CSRF validation (CVE-2015-5607)
Summary: <dev-python/ipython-3.2.1: CSRF validation (CVE-2015-5607)
Status: RESOLVED FIXED
Alias: CVE-2015-5607
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B4 [noglsa/cve]
Keywords:
Depends on: 541628
Blocks:
Reported: 2015-07-14 10:06 UTC by Agostino Sarubbo
Modified: 2015-11-02 22:32 UTC
CC List: 1 user

See Also:
Package list:
Runtime testing required: ---


Description Agostino Sarubbo gentoo-dev 2015-07-14 10:06:27 UTC
From ${URL} :

Software name: IPython notebook
Type of vulnerability: CSRF
Attack outcome: Possible remote execution
Patches:
  2.x:
https://github.com/ipython/ipython/commit/a05fe052a18810e92d9be8c1185952c13fe4e5b0
  3.x:
https://github.com/ipython/ipython/commit/1415a9710407e7c14900531813c15ba6165f0816

Affected versions: 0.12 ≤ version ≤ 3.2.0

Summary: POST requests exposed via the IPython REST API are vulnerable to
cross-site request forgery (CSRF). Web pages on different domains can make
non-AJAX POST requests to known IPython URLs, and IPython will honor them.
The user's browser will automatically send IPython cookies along with the
requests. The response is blocked by the Same-Origin Policy, but the
request isn't.

API paths with issues:

* POST /api/contents/<path>/<file>
* POST /api/contents/<path>/<file>/checkpoints
* POST /api/contents/<path>/<file>/checkpoints/<checkpoint_id>
* POST /api/kernels
* POST /api/kernels/<kernel_id>/<action>
* POST /api/sessions
* POST /api/clusters/<cluster_id>/<action>

Mitigations:

Upgrade to IPython 3.2.1. If using pip,



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
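The advisory above explains why these POST endpoints were forgeable: the browser attaches IPython's cookies to a cross-site form post, and an unpatched server treats the cookie alone as sufficient. The block below is an added example, not code from IPython, Tornado or the oss-sec advisory. It models the double-submit cookie pattern that closes this class of bug (Tornado exposes it as the `xsrf_cookies` setting and an `_xsrf` cookie): a state-changing request must carry the `_xsrf` value twice, once as the cookie the browser sends automatically and once in a form field or header that only a same-origin page can fill in. The `X-XSRFToken` header name, the request dictionaries and the `session` cookie are constructed for the example.

```python
"""Model of the double-submit XSRF check for the API paths listed above.
Constructed example: no Tornado or IPython code is used. The _xsrf
cookie/field names follow Tornado's convention; the X-XSRFToken header
name and all request data are assumed/constructed for illustration."""
import hmac
import secrets

XSRF_COOKIE = "_xsrf"        # cookie the server sets when serving the notebook UI
XSRF_FIELD = "_xsrf"         # form/body field a same-origin page echoes back
XSRF_HEADER = "X-XSRFToken"  # header alternative for AJAX callers (assumed name)
SAFE_METHODS = ("GET", "HEAD", "OPTIONS")


def issue_xsrf_token() -> str:
    """Mint an unguessable token. It is set as a cookie on the notebook
    origin, so only scripts running on that origin can read it back."""
    return secrets.token_hex(16)


def check_xsrf(method, cookies, form, headers):
    """Return (ok, reason) for one request.

    A cross-site form post makes the browser attach the _xsrf cookie, but the
    originating page cannot read the cookie value and so cannot copy it into
    the body or a header. Requiring both halves to match rejects that request
    while a same-origin request, which can read the cookie, passes."""
    if method.upper() in SAFE_METHODS:
        return True, "safe method, not checked"
    cookie_token = cookies.get(XSRF_COOKIE)
    if not cookie_token:
        return False, "missing _xsrf cookie"
    submitted = form.get(XSRF_FIELD) or headers.get(XSRF_HEADER)
    if not submitted:
        return False, "missing _xsrf field/header"
    # Constant-time comparison; encode first so non-ASCII input cannot raise.
    if not hmac.compare_digest(cookie_token.encode(), submitted.encode()):
        return False, "_xsrf mismatch"
    return True, "token ok"


def handle_api_post(request, xsrf_cookies):
    """Dispatch a POST to one of the advisory's API paths.
    xsrf_cookies=False models the unpatched server, which honours any request
    that carries the session cookie; True models the checked behaviour."""
    if xsrf_cookies:
        ok, reason = check_xsrf(request["method"], request["cookies"],
                                request.get("form", {}), request.get("headers", {}))
        if not ok:
            return 403, reason
    return 201, "created on " + request["path"]


def demo():
    """Run a same-origin and a cross-site POST against both server modes."""
    token = issue_xsrf_token()
    # Constructed sample requests: both carry the session cookie because the
    # browser attaches it automatically; only the same-origin one knows the token.
    same_origin = {"method": "POST", "path": "/api/kernels",
                   "cookies": {"_xsrf": token, "session": "constructed-session"},
                   "headers": {"X-XSRFToken": token}}
    cross_site = {"method": "POST", "path": "/api/kernels",
                  "cookies": {"_xsrf": token, "session": "constructed-session"},
                  "form": {"name": "python3"}}
    return {
        "unpatched": (handle_api_post(same_origin, False)[0],
                      handle_api_post(cross_site, False)[0]),
        "patched": (handle_api_post(same_origin, True)[0],
                    handle_api_post(cross_site, True)[0]),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the unpatched mode accepting both requests (201, 201) and the checked mode accepting only the same-origin one (201, 403). The same-origin policy blocks the attacker from reading the response, as the advisory notes, but it is the token check, not the policy, that stops the request from taking effect.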
Comment 1 Ian Delaney (RETIRED) gentoo-dev 2015-07-18 07:03:04 UTC
*ipython-3.2.1 (18 Jul 2015)

  18 Jul 2015; Ian Delaney <idella4@gentoo.org> +ipython-3.2.1.ebuild:
  bump wrt security bug #541628, minor tidy to ebuild in deps.

I suggest going straight to stabilisation. There is a glitch in the testsuite under python3.4 which I recommend as not blocking going stable. It has been filed upstream already.

KEYWORDS="~amd64 ~arm ~ppc64 ~x86" and ppc is also required

Please refrain from content such as "Upgrade to IPython 3.2.1. If using pip," which mentions use of pip.
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-08-09 03:02:16 UTC
Arches, please test and mark stable:

=dev-python/ipython-3.2.1

Target Keywords : "amd64 arm ppc ppc64 x86"

Thank you!
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2015-08-15 09:24:14 UTC
Stable for PPC64.
Comment 4 Agostino Sarubbo gentoo-dev 2015-08-25 07:30:51 UTC
amd64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2015-08-25 07:31:32 UTC
x86 stable
Comment 6 Agostino Sarubbo gentoo-dev 2015-08-26 07:31:23 UTC
ppc stable
Comment 7 Yury German Gentoo Infrastructure gentoo-dev 2015-10-10 03:05:31 UTC
ping on arm stabilization.
Comment 8 Markus Meier gentoo-dev 2015-10-10 08:57:58 UTC
arm stable, all arches done.
Comment 9 Justin Lecher (RETIRED) gentoo-dev 2015-10-10 15:49:55 UTC
commit 664e0d0f43e4f3ddc8033a3b6a3d6d57d0590425
Author: Justin Lecher <jlec@gentoo.org>
Date:   Sat Oct 10 17:48:42 2015 +0200

    dev-python/ipython: Drop vulnerable version (CVE-2015-5607, CVE-2015-7337)

    Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=554868
    Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=560708

    Package-Manager: portage-2.2.23
    Signed-off-by: Justin Lecher <jlec@gentoo.org>

    https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=664e0d0f43e4f3ddc8033a3b6a3d6d57d0590425
Comment 10 Justin Lecher (RETIRED) gentoo-dev 2015-10-10 15:50:08 UTC
@sec, all clean now.
Comment 11 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-10-10 15:51:54 UTC
(In reply to Justin Lecher from comment #10)
> @sec, all clean now.

Thanks, closing