[SECURITY] Fedora 19 Update: python-setuptools-0.6.49-1.fc19

Setuptools is a collection of enhancements to the Python distutils that all ow you to more easily build and distribute Python packages, especially ones th at have dependencies on other packages. This package contains the runtime components of setuptools, necessary to execute the software that...

[SECURITY] Fedora 18 Update: python-setuptools-0.6.49-1.fc18

Setuptools is a collection of enhancements to the Python distutils that all ow you to more easily build and distribute Python packages, especially ones th at have dependencies on other packages. This package contains the runtime components of setuptools, necessary to execute the software that...

GLSA-201310-09 : Setuptools: Man-in-the-Middle attack

The remote host is affected by the vulnerability described in GLSA-201310-09 Setuptools: Man-in-the-Middle attack Setuptools does not check the integrity of downloaded Python packages. Impact : A remote attacker could perform man-in-the-middle attacks to execute arbitrary code with the privileges...

Setuptools: Man-in-the-Middle attack

Background Setuptools is a manager for Python packages. Description Setuptools does not check the integrity of downloaded Python packages. Impact A remote attacker could perform man-in-the-middle attacks to execute arbitrary code with the privileges of the process. Workaround There is no known...

Updated python-setuptools and python-virtualenv packages fix security vulnerability

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product CVE-2013-1633...

MGASA-2013-0274 Updated python-setuptools and python-virtualenv packages fix security vulnerability

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product CVE-2013-1633...

[ MDVSA-2013:227 ] python-setuptools

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:227 http://www.mandriva.com/en/support/security/ Package : python-setuptools Date : September 9, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been...

Mandriva Linux Security Advisory : python-setuptools (MDVSA-2013:227)

A vulnerability has been discovered and corrected in python-setuptools/python-virtualenv : easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute...

Fedora 18 : python-virtualenv-1.10.1-1.fc18 (2013-14902)

From upstream : - Upgraded pip to v1.4.1 - Upgraded setuptools to v0.9.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 19 : python-virtualenv-1.10.1-1.fc19 (2013-14891)

From upstream : - Upgraded pip to v1.4.1 - Upgraded setuptools to v0.9.8 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVE-2013-1633

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

CVE-2013-1633

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

PYSEC-2013-22

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

PYSEC-2013-22

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

CVE-2013-1633

easyinstall in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product...

CVE-2013-1633

CVE-2013-1633 affects setuptools’ easy_install, where prior to version 0.7 it retrieved packages over HTTP without integrity checks, enabling MITM execution of arbitrary code. Affected component: python-setuptools/setuptools. Impact: remote code execution via crafted responses. Root cause: lack o...

[SECURITY] Fedora 17 Update: python-paste-script-1.7.5-4.fc17

Paster is pluggable command-line frontend, including commands to setup pack age file layouts Built-in features: Creating file layouts for packages. For instance a setuptools-ready file layout. Serving up web applications, with configuration based on paste.deploy...

Fedora Update for python-paste-script FEDORA-2012-2418

Check for the Version of python-paste-script OpenVAS Vulnerability Test Fedora Update for python-paste-script FEDORA-2012-2418 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/o...