Felipe Sateler discovered that apt-listchanges did not use safe paths when
importing additional Python libraries. A local attacker could exploit
this and execute arbitrary commands as the user running apt-listchanges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 7.10 | noarch | apt-listchanges | < 2.74ubuntu3.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | apt-listchanges | < 2.72ubuntu6.1 | UNKNOWN |