Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 385d693

Browse filesBrowse files
CarreauCarreau
authored
Merge pull request from GHSA-29gw-9793-fvw7
Fix CVE-2023-24816
2 parents e548ee2 + 991849c commit 385d693
Copy full SHA for 385d693

File tree

Expand file treeCollapse file tree

3 files changed

+21
-25
lines changed
Filter options
Expand file treeCollapse file tree

3 files changed

+21
-25
lines changed

‎IPython/__init__.py

Copy file name to clipboardExpand all lines: IPython/__init__.py
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@
6363
version_info = release.version_info
6464
# list of CVEs that should have been patched in this release.
6565
# this is informational and should not be relied upon.
66-
__patched_cves__ = {"CVE-2022-21699"}
66+
__patched_cves__ = {"CVE-2022-21699", "CVE-2023-24816"}
6767

6868

6969
def embed_kernel(module=None, local_ns=None, **kwargs):

‎IPython/utils/terminal.py

Copy file name to clipboardExpand all lines: IPython/utils/terminal.py
+8-24Lines changed: 8 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -91,30 +91,14 @@ def _restore_term_title_xterm():
9191
_set_term_title = _set_term_title_xterm
9292
_restore_term_title = _restore_term_title_xterm
9393
elif sys.platform == 'win32':
94-
try:
95-
import ctypes
96-
97-
SetConsoleTitleW = ctypes.windll.kernel32.SetConsoleTitleW
98-
SetConsoleTitleW.argtypes = [ctypes.c_wchar_p]
99-
100-
def _set_term_title(title):
101-
"""Set terminal title using ctypes to access the Win32 APIs."""
102-
SetConsoleTitleW(title)
103-
except ImportError:
104-
def _set_term_title(title):
105-
"""Set terminal title using the 'title' command."""
106-
global ignore_termtitle
107-
108-
try:
109-
# Cannot be on network share when issuing system commands
110-
curr = os.getcwd()
111-
os.chdir("C:")
112-
ret = os.system("title " + title)
113-
finally:
114-
os.chdir(curr)
115-
if ret:
116-
# non-zero return code signals error, don't try again
117-
ignore_termtitle = True
94+
import ctypes
95+
96+
SetConsoleTitleW = ctypes.windll.kernel32.SetConsoleTitleW
97+
SetConsoleTitleW.argtypes = [ctypes.c_wchar_p]
98+
99+
def _set_term_title(title):
100+
"""Set terminal title using ctypes to access the Win32 APIs."""
101+
SetConsoleTitleW(title)
118102

119103

120104
def set_term_title(title):

‎docs/source/whatsnew/version8.rst

Copy file name to clipboardExpand all lines: docs/source/whatsnew/version8.rst
+12Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,18 @@
22
8.x Series
33
============
44

5+
6+
IPython 8.9.1
7+
-------------
8+
9+
Out of schedule release of IPython with minor fixes to patch a potential CVE-2023-24816.
10+
This is a really low severity CVE that you most likely are not affected by unless:
11+
12+
- You are on windows.
13+
- You have a custom build of Python without ``_ctypes``
14+
- You cd or start IPython or Jupyter in untrusted directory which names may be valid shell commands.
15+
16+
517
.. _version 8.9.0:
618

719
IPython 8.9.0

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.