Winpdb 1.0.6 Released.

This release fixes a security bug.

Winpdb is an advanced Python debugger, with support for smart breakpoints, multiple threads, namespace modification, embedded debugging, encrypted communication and speed of up to 20 times that of pdb.

Note: Unsecured communication mode is a common default with
debuggers to the Python language and other programming
languages.

Winpdb uses a session password to secure debugger/debugee
communication. This password was set with a command line flag
and is visible by any user on a multi user Linux/Unix system. This
is also relevant when launching a session from within the debugger,
since the debugger starts the debugee by passing various
command line flags including the session password.

Affected systems are non Windows systems with multiple users
logged on at the same time on the same machine.

An attacker on a multi user Linux/Unix machine who finds out the
session password can attach to the debugee and execute arbitrary
code through the exec debugger command.

Version 1.0.6 resolves this bug by no longer allowing the session
password as a command line flag on non Windows systems.

Homepage:
http://www.digitalpeers.com/pythondebugger