Untrusted search path vulnerability in the Python interface in
Epiphany 2.22.3, and possibly other versions, allows local users to
execute arbitrary code via a Trojan horse Python file in the current
working directory, related to a vulnerability in the PySys_SetArgv
I am not sure whether this bug is being tracked upstream. Please see the blocker for details and a patch example.
2.22.3-r2 and 2.22.3-r12 are in the tree.
Arches, please test and mark stable:
Target keywords : "alpha amd64 hppa ia64 ppc ppc64 sparc x86"
Sparc stable, seems fine (tested with USE=xulrunner).
Stable for HPPA.
ppc and ppc64 done