Candidate: CVE-2014-1604
PublicDate: 2014-01-28 00:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1604
 https://github.com/alex/rply/commit/fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand
Description:
 The parser cache functionality in parsergenerator.py in RPLY (aka
 python-rply) before 0.7.1 allows local users to spoof cache data by
 pre-creating a temporary rply-*.json file with a predictable name.
Ubuntu-Description:
Notes:
 seth-arnold> fc9bbcd25b0b4f09bbd6339f710ad24c129d5d7cand gives a 404
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735263
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_python-rply:
upstream_python-rply: released (0.7.1-1)
lucid_python-rply: DNE
precise_python-rply: DNE
quantal_python-rply: DNE
raring_python-rply: DNE
saucy_python-rply: DNE
trusty_python-rply: not-affected (0.7.1-1)
trusty/esm_python-rply: DNE (trusty was not-affected [0.7.1-1])
devel_python-rply: not-affected (0.7.1-1)