Updated python-suds package fixes security vulnerability
Publication date: 21 Jul 2013Modification date: 21 Jul 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-2217
Description
An insecure temporary directory use flaw was found in the way python-suds performed initialization of its internal file-based URL cache (predictable location was used for directory to store the cached files). A local attacker could use this flaw to conduct symbolic link attacks, possibly leading to their ability for example the SOAP .wsdl metadata to redirect queries to a different host, than originally intended (CVE-2013-2217).
References
SRPMS
3/core
- python-suds-0.4.1-3.1.mga3
2/core
- python-suds-0.4.1-2.1.mga2