
Debian: DSA-1667-1 Critical: Python 2.4 Integer Overflows Advisory

November 19, 2008
Several integer overflow vulnerabilities have been identified in Python 2.4 libraries on Debian; the advisory recommends updating the affected packages.

Summary


David Remahl discovered several integer overflows in the
stringobject, unicodeobject, bufferobject, longobject,
tupleobject, stropmodule, gcmodule, and mmapmodule modules.

CVE-2008-3142

Justin Ferguson discovered that incorrect memory allocation in
the unicode_resize() function can lead to buffer overflows.

CVE-2008-3143

Several integer overflows were discovered in various Python core
modules.

CVE-2008-3144

Several integer overflows were discovered in the PyOS_vsnprintf()
function.

For the stable distribution (etch), these problems have been fixed in
version 2.4.4-3+etch2.

For the unstable distribution (sid) and the upcoming stable
distribution (lenny), these problems have been fixed in
version 2.4.5-5.

We recommend that you upgrade your python2.4 packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get p...
