A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
libapache2-mod-python2.2 libapache2-mod-python2.3
The problem can be corrected by upgrading the affected package to version 3.1.3-1ubuntu3.2. After a standard system upgrade you need to restart the Apache 2 web server using
sudo /etc/init.d/apache2 restart
to effect the necessary changes.
Details follow:
Graham Dumpleton discovered an information disclosure in the "publisher" handle of mod_python. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible.