Mandriva Linux Security Advisory : epiphany (MDVSA-2009:048-2)
Medium Nessus Plugin ID 36606
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionPython has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory (CVE-2008-5985).
This update provides fix for that vulnerability.
The previous update package was not built against the correct (latest) libxulrunner-126.96.36.199 library (fixes #48163)
SolutionUpdate the affected epiphany and / or epiphany-devel packages.