GNOME Bugzilla – Bug 569230
untrusted python modules search path
Last modified: 2010-01-23 19:13:12 UTC
+++ This bug was initially created as a clone of Bug #569214 +++

(From Jan Lieskovsky, https://bugzilla.redhat.com/show_bug.cgi?id=481556)

"Untrusted search path vulnerability in gedit's Python module allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.

References:
http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html

Debian bug report for similar eog issue:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504352#4

Proposed patch:
Not sure if gedit's upstream has been reported about this issue. The Debian patch for the similar eog Python-related issue, available at:
http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=02_sanitize_sys.path.patch;att=1;bug=504352
should be sufficient to resolve this issue."

There's no CVE assigned yet, but one has been requested. The security severity is considered "low".
(Just btw, iirc this code was adapted from nautilus's python extension support, so it's possible the same bug applies to nautilus too.)
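The entry that PySys_SetArgv leaves at sys.path[0] when argv[0] is not a real script is what the Debian eog patch strips. As an added example (not code from this bug report, gedit or the Debian patch), here is that sanitisation written as a plain Python function, plus a constructed check showing that a module dropped into the working directory stops being importable once the function has run; the module name cwdprobe and the helper names are assumptions. Python 2.6.6 later added PySys_SetArgvEx with an updatepath argument so an embedding application can skip the sys.path update altogether.

```python
import importlib
import importlib.util
import os
import sys
import tempfile


def sanitize_sys_path(entries, cwd=None):
    """Return a copy of `entries` without the working-directory entries that
    PySys_SetArgv adds: '' and '.', plus anything resolving to the cwd itself."""
    cwd = os.path.realpath(cwd or os.getcwd())
    kept = []
    for entry in entries:
        if entry in ("", "."):
            continue
        if os.path.realpath(entry) == cwd:
            continue
        kept.append(entry)
    return kept


def cwd_module_importable(module_name):
    """True if `module_name` resolves against the current sys.path.
    Stale finder caches are flushed so the answer reflects the path as it is now."""
    sys.modules.pop(module_name, None)
    importlib.invalidate_caches()
    return importlib.util.find_spec(module_name) is not None


def demo():
    """Constructed check: drop a harmless marker module into a fresh temporary
    directory, make it the cwd with '' at sys.path[0] (the state PySys_SetArgv
    leaves behind), and report importability before and after sanitising."""
    old_cwd, old_path = os.getcwd(), list(sys.path)
    with tempfile.TemporaryDirectory() as tmpdir:
        with open(os.path.join(tmpdir, "cwdprobe.py"), "w") as f:
            f.write('MARKER = "loaded from cwd"\n')
        os.chdir(tmpdir)
        try:
            sys.path.insert(0, "")  # '' means "the current directory" to the import system
            before = cwd_module_importable("cwdprobe")
            sys.path[:] = sanitize_sys_path(sys.path)
            after = cwd_module_importable("cwdprobe")
        finally:
            os.chdir(old_cwd)
            sys.path[:] = old_path
    return before, after  # expected: (True, False)
```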
Reality check.
We no longer support Python.