diff --git a/IPython/__init__.py b/IPython/__init__.py index c224f9a..7d3799a 100644 --- a/IPython/__init__.py +++ b/IPython/__init__.py @@ -63,7 +63,7 @@ __version__ = release.version version_info = release.version_info # list of CVEs that should have been patched in this release. # this is informational and should not be relied upon. -__patched_cves__ = {"CVE-2022-21699"} +__patched_cves__ = {"CVE-2022-21699", "CVE-2023-24816"} def embed_kernel(module=None, local_ns=None, **kwargs): diff --git a/IPython/utils/terminal.py b/IPython/utils/terminal.py index 161a9ae..b09cfe0 100644 --- a/IPython/utils/terminal.py +++ b/IPython/utils/terminal.py @@ -91,30 +91,14 @@ if os.name == 'posix': _set_term_title = _set_term_title_xterm _restore_term_title = _restore_term_title_xterm elif sys.platform == 'win32': - try: - import ctypes - - SetConsoleTitleW = ctypes.windll.kernel32.SetConsoleTitleW - SetConsoleTitleW.argtypes = [ctypes.c_wchar_p] - - def _set_term_title(title): - """Set terminal title using ctypes to access the Win32 APIs.""" - SetConsoleTitleW(title) - except ImportError: - def _set_term_title(title): - """Set terminal title using the 'title' command.""" - global ignore_termtitle - - try: - # Cannot be on network share when issuing system commands - curr = os.getcwd() - os.chdir("C:") - ret = os.system("title " + title) - finally: - os.chdir(curr) - if ret: - # non-zero return code signals error, don't try again - ignore_termtitle = True + import ctypes + + SetConsoleTitleW = ctypes.windll.kernel32.SetConsoleTitleW + SetConsoleTitleW.argtypes = [ctypes.c_wchar_p] + + def _set_term_title(title): + """Set terminal title using ctypes to access the Win32 APIs.""" + SetConsoleTitleW(title) def set_term_title(title): diff --git a/docs/source/whatsnew/version8.rst b/docs/source/whatsnew/version8.rst index 2f743ea..50f1af6 100644 --- a/docs/source/whatsnew/version8.rst +++ b/docs/source/whatsnew/version8.rst @@ -2,6 +2,18 @@ 8.x Series ============ + +IPython 8.9.1 +------------- + +Out of schedule release of IPython with minor fixes to patch a potential CVE-2023-24816. +This is a really low severity CVE that you most likely are not affected by unless: + + - You are on windows. + - You have a custom build of Python without ``_ctypes`` + - You cd or start IPython or Jupyter in untrusted directory which names may be valid shell commands. + + .. _version 8.9.0: IPython 8.9.0