Advisories » MGASA-2015-0300

Updated ipython package fixes security vulnerability

Publication date: 03 Aug 2015
Modification date: 03 Aug 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4707 , CVE-2015-5607

Description

JSON error responses from the IPython notebook REST API contained
URL parameters and were incorrectly reported as text/html instead of
application/json. The error messages included some of these URL params,
resulting in a cross site scripting attack (CVE-2015-4707).

POST requests exposed via the IPython REST API are vulnerable to
cross-site request forgery (CSRF). Web pages on different domains can make
non-AJAX POST requests to known IPython URLs, and IPython will honor them.
The user's browser will automatically send IPython cookies along with the
requests. The response is blocked by the Same-Origin Policy, but the
request isn't (CVE-2015-5607).

The Mageia 5 package has been patched to fix these issues.  The Mageia 4
package wasn't vulnerable to CVE-2015-4707, but it has been updated and
patched to fix CVE-2015-5607.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=16183
• http://openwall.com/lists/oss-security/2015/06/22/7
• http://openwall.com/lists/oss-security/2015/07/12/4
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4707
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5607

SRPMS

5/core

• ipython-2.3.0-2.2.mga5

4/core

• ipython-2.3.0-1.mga4