Mandriva Linux Security Advisory : ipython (MDVSA-2015:160)
Medium Nessus Plugin ID 82413
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated ipython package fixes security vulnerability :
In IPython before 1.2, the origin of websocket requests was not verified within the IPython notebook server. If an attacker has knowledge of an IPython kernel id they can run arbitrary code on a user's machine when the client visits a crafted malicious page (CVE-2014-3429).
SolutionUpdate the affected ipython package.