Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

Debian: DSA-1620-1 Moderate: Buffer Overflow in Python2.5

debian
Calendar Grey July 27, 2008
Debian Logo
- ------------------------------------------------------------------------Debian Security Advisory D
Several vulnerabilities have been discovered in the interpreter for the Python language.

Summary


Piotr Engelking discovered that the strxfrm() function of the locale
module miscalculates the length of an internal buffer, which may
result in a minor information disclosure.

CVE-2007-4965

It was discovered that several integer overflows in the imageop
module may lead to the execution of arbitrary code, if a user is
tricked into processing malformed images. This issue is also
tracked as CVE-2008-1679 due to an initially incomplete patch.

CVE-2008-1721

Justin Ferguson discovered that a buffer overflow in the zlib
module may lead to the execution of arbitrary code.

CVE-2008-1887

Justin Ferguson discovered that insufficient input validation in
PyString_FromStringAndSize() may lead to the execution of arbitrary
code.

For the stable distribution (etch), these problems have been fixed in
version 2.5-5+etch1.

For the unstable distribution (sid), these problems have been fixed in
version 2.5.2-3.

We recommend that you upgrade your ...

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here