Candidate: CVE-2014-1929
PublicDate: 2014-10-25 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929
 http://www.openwall.com/lists/oss-security/2014/02/06/5
 http://www.openwall.com/lists/oss-security/2014/02/12/15
Description:
 python-gnupg 0.3.5 and 0.3.6 allows context-dependent attackers to have an
 unspecified impact via vectors related to "option injection through
 positional arguments." NOTE: this vulnerability exists because of an
 incomplete fix for CVE-2013-7323.
Ubuntu-Description:
Notes:
 seth-arnold> I believe this issue was fixed by 0.3.6 or an earlier release
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738509
Priority: medium
Discovered-by: Florian Weimer
Assigned-to:
CVSS: 

Patches_python-gnupg:
upstream_python-gnupg: released (0.3.6)
lucid_python-gnupg: DNE
precise_python-gnupg: DNE
quantal_python-gnupg: ignored (reached end-of-life)
saucy_python-gnupg: ignored (reached end-of-life)
trusty_python-gnupg: not-affected (0.3.6-1)
trusty/esm_python-gnupg: not-affected (0.3.6-1)
devel_python-gnupg: not-affected (0.3.6-1)