Debian Security Advisory 1667-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.
12fdf078391ae1df310f450b4a5d9467ff078cdcdaab7caaf897fa6ed1464822Mandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Corporate Server 4 have been updated to the latest version 2.4.5.
7dc4bf08958120be9ebfa5a253d3225fede65d00fa94562dac3b315b2ecf3cbcMandriva Linux Security Advisory - Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules. reported an integer overflow in the hashlib module on Python 2.5 that lead to unreliable cryptographic digest results. Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems. Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2. Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption. The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package.
9a50d43050213b8aac716a2a7270d520a3c43c10e5bec3a1910ee71cf69067abUbuntu Security Notice 632-1 - Many vulnerabilities have been addressed in the python 2.4 and python 2.5 packages. These include integer overflows, arbitrary code execution, and other vulnerabilities.
3ce008a937eacbb9c53b664057738663d026122c9a6afc70fda346a0cb119154Gentoo Linux Security Advisory GLSA 200807-16 - Multiple vulnerabilities in Python may allow for the execution of arbitrary code. Versions less than 2.5.2-r6 are affected.
9ae6d7842402c013fff9b0dae09817ac492c8c70c103bba8e87713e308f3fb8a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed