-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:215 http://www.mandriva.com/security/ _______________________________________________________________________ Package : python Date : October 30, 2010 Affected: 2009.0, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities was discovered and corrected in python: Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference (CVE-2009-4134). Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12 (CVE-2010-1449). Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function (CVE-2010-1450). The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections (CVE-2010-3492). Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492 (CVE-2010-3493). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4134 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 7a00126d581458ad3e1f9195cfe44b56 2009.0/i586/libpython2.5-2.5.2-5.9mdv2009.0.i586.rpm 821b23366eb5a1f2fe486b8b4876a17b 2009.0/i586/libpython2.5-devel-2.5.2-5.9mdv2009.0.i586.rpm 7cc4e06ec1539e65b18788216f5cfec2 2009.0/i586/python-2.5.2-5.9mdv2009.0.i586.rpm 0e2922c24b13b8428201d65dd3a5e69f 2009.0/i586/python-base-2.5.2-5.9mdv2009.0.i586.rpm 6aac8e518cf4fdcf5d11e41869b7cc23 2009.0/i586/python-docs-2.5.2-5.9mdv2009.0.i586.rpm 42f1cb02ad93c2871b7ef26d91dd084c 2009.0/i586/tkinter-2.5.2-5.9mdv2009.0.i586.rpm 89dd31e1bd79bfdcb773ae27b9a23eae 2009.0/i586/tkinter-apps-2.5.2-5.9mdv2009.0.i586.rpm 36eabc2f36f1fc3fee03beea40c5b3ff 2009.0/SRPMS/python-2.5.2-5.9mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: ab11f5dbfd4220284f65591a5e627a2f 2009.0/x86_64/lib64python2.5-2.5.2-5.9mdv2009.0.x86_64.rpm b7bf0eb696e77af9a6f833a810cd691c 2009.0/x86_64/lib64python2.5-devel-2.5.2-5.9mdv2009.0.x86_64.rpm f0fa937935849fa7b8ccfe9d0ad23a22 2009.0/x86_64/python-2.5.2-5.9mdv2009.0.x86_64.rpm 9b6094c0d9b8d7305c4dd6d1e9957793 2009.0/x86_64/python-base-2.5.2-5.9mdv2009.0.x86_64.rpm 4d29dc9f22c17f4ee5587aed6082d54f 2009.0/x86_64/python-docs-2.5.2-5.9mdv2009.0.x86_64.rpm 846f140203bc61160c8e9be21bec8caf 2009.0/x86_64/tkinter-2.5.2-5.9mdv2009.0.x86_64.rpm d83f1ca9fb74bb6bc19f27bfca4565a2 2009.0/x86_64/tkinter-apps-2.5.2-5.9mdv2009.0.x86_64.rpm 36eabc2f36f1fc3fee03beea40c5b3ff 2009.0/SRPMS/python-2.5.2-5.9mdv2009.0.src.rpm Corporate 4.0: e3525726eb8b420b631c1e7293200f76 corporate/4.0/i586/libpython2.4-2.4.5-0.7.20060mlcs4.i586.rpm 62a30354a30738ee1d9c8e09fa781931 corporate/4.0/i586/libpython2.4-devel-2.4.5-0.7.20060mlcs4.i586.rpm c12e4aee6ec61df748905ea3fbc683b1 corporate/4.0/i586/python-2.4.5-0.7.20060mlcs4.i586.rpm cfa6231f5bd6d42b92e06be405979532 corporate/4.0/i586/python-base-2.4.5-0.7.20060mlcs4.i586.rpm 89bb605645f87975ea06cd0d0adb1242 corporate/4.0/i586/python-docs-2.4.5-0.7.20060mlcs4.i586.rpm 7112a9c89287d80edac65a2c9543de58 corporate/4.0/i586/tkinter-2.4.5-0.7.20060mlcs4.i586.rpm af061ddc3fe400553ce48a986f1413c8 corporate/4.0/SRPMS/python-2.4.5-0.7.20060mlcs4.src.rpm Corporate 4.0/X86_64: d4e789862c00c01d154cb676c958fc66 corporate/4.0/x86_64/lib64python2.4-2.4.5-0.7.20060mlcs4.x86_64.rpm cc0e0a6797fadbce21133a706be2585e corporate/4.0/x86_64/lib64python2.4-devel-2.4.5-0.7.20060mlcs4.x86_64.rpm 63b408e0f3aa7324eda422232f57bbf8 corporate/4.0/x86_64/python-2.4.5-0.7.20060mlcs4.x86_64.rpm 0023db0a34e646a1fdd8803852ac6f1f corporate/4.0/x86_64/python-base-2.4.5-0.7.20060mlcs4.x86_64.rpm 0e78fed213618878e55f3aee5e83b8df corporate/4.0/x86_64/python-docs-2.4.5-0.7.20060mlcs4.x86_64.rpm 7ca482e628699e8d588fe64bdfd91257 corporate/4.0/x86_64/tkinter-2.4.5-0.7.20060mlcs4.x86_64.rpm af061ddc3fe400553ce48a986f1413c8 corporate/4.0/SRPMS/python-2.4.5-0.7.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 0ec5bf2d929c006c683c9e8323655198 mes5/i586/libpython2.5-2.5.2-5.9mdvmes5.1.i586.rpm 2ce1526827f9a6b2cb6f1767b05fb468 mes5/i586/libpython2.5-devel-2.5.2-5.9mdvmes5.1.i586.rpm 0d8d0f8a937fbd2b29de19dd558aa9a3 mes5/i586/python-2.5.2-5.9mdvmes5.1.i586.rpm 0d5632de99d6f3a73a1d0f5b9c09fe60 mes5/i586/python-base-2.5.2-5.9mdvmes5.1.i586.rpm ae17f9d8dd571e3867709fd2b3225de5 mes5/i586/python-docs-2.5.2-5.9mdvmes5.1.i586.rpm 03d2415da7afb9c4c0f7ac06ac76a5d2 mes5/i586/tkinter-2.5.2-5.9mdvmes5.1.i586.rpm 6a474c44ad872f18e61eb73c988f8c05 mes5/i586/tkinter-apps-2.5.2-5.9mdvmes5.1.i586.rpm 75ba289267fc9c02315cb2bb18d62aed mes5/SRPMS/python-2.5.2-5.9mdvmes5.1.src.rpm Mandriva Enterprise Server 5/X86_64: d94d195ee2597a8cc65cbd156045da16 mes5/x86_64/lib64python2.5-2.5.2-5.9mdvmes5.1.x86_64.rpm 99b5668212ff8e4dd5d6798e8b96f5d6 mes5/x86_64/lib64python2.5-devel-2.5.2-5.9mdvmes5.1.x86_64.rpm de021441be5c405a36ef2f9222afc186 mes5/x86_64/python-2.5.2-5.9mdvmes5.1.x86_64.rpm 1478b55d09d14e419afb4d15ae37958d mes5/x86_64/python-base-2.5.2-5.9mdvmes5.1.x86_64.rpm e479b97543e149706200d580bc76048c mes5/x86_64/python-docs-2.5.2-5.9mdvmes5.1.x86_64.rpm af465bc5f398ad142a32d4412e940ee9 mes5/x86_64/tkinter-2.5.2-5.9mdvmes5.1.x86_64.rpm 7839e25fcad9d3c55329b61c86a0cead mes5/x86_64/tkinter-apps-2.5.2-5.9mdvmes5.1.x86_64.rpm 75ba289267fc9c02315cb2bb18d62aed mes5/SRPMS/python-2.5.2-5.9mdvmes5.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMy/LFmqjQ0CJFipgRAtxgAKCdMyuiPoFxjBEatV6KMLD/h7lF0gCfUdcP GbmwC3tS9AGI9Pgd0KD5jjE= =SLNl -----END PGP SIGNATURE-----