[SECURITY] Fedora EPEL 7 Update: ipython-3.2.1-1.el7

updates at fedoraproject.org updates at fedoraproject.org
Fri Jul 31 18:33:07 UTC 2015 

--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2015-7196
2015-07-14 14:55:29
--------------------------------------------------------------------------------

Name        : ipython
Product     : Fedora EPEL 7
Version     : 3.2.1
Release     : 1.el7
URL         : http://ipython.org/
Summary     : An enhanced interactive Python shell
Description :

IPython provides a replacement for the interactive Python interpreter with
extra functionality.

Main features:
 * Comprehensive object introspection.
 * Input history, persistent across sessions.
 * Caching of output results during a session with automatically generated
   references.
 * Readline based name completion.
 * Extensible system of 'magic' commands for controlling the environment and
   performing many tasks related either to IPython or the operating system.
 * Configuration system with easy switching between different setups (simpler
   than changing $PYTHONSTARTUP environment variables every time).
 * Session logging and reloading.
 * Extensible syntax processing for special purpose situations.
 * Access to the system shell with user-extensible alias system.
 * Easily embeddable in other Python programs.
 * Integrated access to the pdb debugger and the Python profiler.

--------------------------------------------------------------------------------
Update Information:

IPython 3.2.1 is a small bugfix release, primarily for cross-site security fixes in the notebook. Users are strongly encouraged to upgrade immediately. There are also a few small unicode and nbconvert-related fixes.

IPython 3.2 contains important security fixes. Users are strongly encouraged to upgrade immediately.

Highlights:

- Address cross-site scripting vulnerabilities CVE-2015-4706, CVE-2015-4707
- A security improvement that set the secure attribute to login cookie to prevent them to be sent over http
- Revert the face color of matplotlib axes in the inline backend to not be transparent.
- Enable mathjax safe mode by default
- Fix XSS vulnerability in JSON error messages
- Various widget-related fixes

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1235688 - CVE-2015-4706 CVE-2015-4707 ipython: IPython 3.2 contains important security fixes
        https://bugzilla.redhat.com/show_bug.cgi?id=1235688
--------------------------------------------------------------------------------

This update can be installed with the "yum" update programs.  Use
su -c 'yum update ipython' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora EPEL GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the epel-package-announce mailing list