Advisories MDVSA-2009:059-1: xchat

[paul]

Python has a variable called sys.path that contains all paths where

Python loads modules by using import scripting procedure. A wrong

handling of that variable enables local attackers to execute arbitrary

code via Python scripting in the current X-Chat working directory

(CVE-2009-0315).

 

This update provides fix for that vulnerability.

 

Update:

 

Packages for 2008.0 are being provided due to extended support for

Corporate products.