blob: 02d4da4d79252fea4ba55f21628224c245fddcfe [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200807-01">
<title>Python: Multiple integer overflows</title>
Multiple integer overflows may allow for Denial of Service.
<product type="ebuild">python</product>
<announced>July 01, 2008</announced>
<revised>July 01, 2008: 01</revised>
<package name="dev-lang/python" auto="yes" arch="*">
<unaffected range="rge">2.3.6-r6</unaffected>
<unaffected range="ge">2.4.4-r13</unaffected>
<vulnerable range="lt">2.4.4-r13</vulnerable>
Python is an interpreted, interactive, object-oriented programming
Multiple vulnerabilities were discovered in Python:
Remahl reported multiple integer overflows in the file imageop.c,
leading to a heap-based buffer overflow (CVE-2008-1679). This issue is
due to an incomplete fix for CVE-2007-4965.</li>
<li>Justin Ferguson
discovered that an integer signedness error in the zlib extension
module might trigger insufficient memory allocation and a buffer
overflow via a negative signed integer (CVE-2008-1721).</li>
Ferguson discovered that insufficient input validation in the
PyString_FromStringAndSize() function might lead to a buffer overflow
<impact type="normal">
A remote attacker could exploit these vulnerabilities to cause a Denial
of Service or possibly the remote execution of arbitrary code with the
privileges of the user running Python.
There is no known workaround at this time.
The imageop module is no longer built in the unaffected versions.
All Python 2.3 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-lang/python-2.3.6-r6&quot;</code>
All Python 2.4 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=dev-lang/python-2.4.4-r13&quot;</code>
<uri link="">CVE-2008-1679</uri>
<uri link="">CVE-2008-1721</uri>
<uri link="">CVE-2008-1887</uri>
<metadata tag="submitter" timestamp="Fri, 27 Jun 2008 08:54:25 +0000">
<metadata tag="bugReady" timestamp="Tue, 01 Jul 2008 11:46:03 +0000">