USN-7002-1: Setuptools vulnerability
USN-7002-1: Setuptools vulnerability
12 September 2024
setuptools could be made to crash or run programs if it received specially crafted network traffic.
Releases
Ubuntu 24.04 LTS
Ubuntu 22.04 LTS
Ubuntu 20.04 LTS
Ubuntu 18.04 ESM
Ubuntu 16.04 ESM
Ubuntu 14.04 ESM
Packages
python-setuptools - Python Distutils Enhancements
setuptools - Python Distutils Enhancements
Details
It was discovered that setuptools was vulnerable to remote code
execution. An attacker could possibly use this issue to execute arbitrary
code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04
python3-setuptools - 68.1.2-2ubuntu1.1