Nixpkgs Security Tracker

Permalink CVE-2015-1326

created 1 month ago

python-dbusmock arbitrary code execution or file overwrite when templates are loaded from /tmp

python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.

References

https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 x_refsource_MISC
https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 x_transferred x_refsource_MISC
https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 x_refsource_MISC
https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 x_transferred x_refsource_MISC
https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 x_refsource_MISC
https://github.com/martinpitt/python-dbusmock/commit/4e7d0df9093 x_transferred x_refsource_MISC

Affected products

python-dbusmock

<0.15.1

Matching in nixpkgs

pkgs.python312Packages.python-dbusmock

Mock D-Bus objects for tests

nixos-25.11 0.36.0
- nixos-25.11-small 0.36.0
- nixpkgs-25.11-darwin 0.36.0

pkgs.python313Packages.python-dbusmock

Mock D-Bus objects for tests

nixos-unstable 0.36.0
- nixpkgs-unstable 0.36.0
- nixos-unstable-small 0.36.0
nixos-25.11 0.36.0
- nixos-25.11-small 0.36.0
- nixpkgs-25.11-darwin 0.36.0

pkgs.python314Packages.python-dbusmock

Mock D-Bus objects for tests

nixos-unstable 0.36.0
- nixpkgs-unstable 0.36.0
- nixos-unstable-small 0.36.0

Package maintainers

@callahad Dan Callahan <dan.callahan@gmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.python312Packages.python-dbusmock

pkgs.python313Packages.python-dbusmock

pkgs.python314Packages.python-dbusmock

Package maintainers