=========================================================== Ubuntu Security Notice USN-80-1 February 11, 2005 libapache2-mod-python vulnerabilities CAN-2005-0088 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: libapache2-mod-python2.2 libapache2-mod-python2.3 The problem can be corrected by upgrading the affected package to version 3.1.3-1ubuntu3.2. After a standard system upgrade you need to restart the Apache 2 web server using sudo /etc/init.d/apache2 restart to effect the necessary changes. Details follow: Graham Dumpleton discovered an information disclosure in the "publisher" handle of mod_python. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible.