[Security Announce] [ MDVSA-2009:036 ] python

[news 28]

This is a multi-part message in MIME format...

 

------------=_1234461625-6173-499

 

 

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

_______________________________________________________________________

 

Mandriva Linux Security Advisory MDVSA-2009:036

http://www.mandriva.com/security/

_______________________________________________________________________

 

Package : python

Date : February 12, 2009

Affected: Corporate 3.0, Multi Network Firewall 2.0

_______________________________________________________________________

 

Problem Description:

 

Multiple integer overflows in imageop.c in the imageop module in

Python 1.5.2 through 2.5.1 allow context-dependent attackers to

break out of the Python VM and execute arbitrary code via large

integer values in certain arguments to the crop function, leading to

a buffer overflow, a different vulnerability than CVE-2007-4965 and

CVE-2008-1679. (CVE-2008-4864)

 

Multiple integer overflows in Python 2.5.2 and earlier allow

context-dependent attackers to have an unknown impact via vectors

related to the (1) stringobject, (2) unicodeobject, (3) bufferobject,

(4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and

(8) mmapmodule modules. NOTE: The expandtabs integer overflows in

stringobject and unicodeobject in 2.5.2 are covered by CVE-2008-5031.

 

Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,

allow context-dependent attackers to have an unknown impact via

a large integer value in the tabsize argument to the expandtabs

method, as implemented by (1) the string_expandtabs function in

Objects/stringobject.c and (2) the unicode_expandtabs function in

Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists

because of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)

 

The updated Python packages have been patched to correct these issues.

_______________________________________________________________________

 

References:

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4864

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031

_______________________________________________________________________

 

Updated Packages:

 

Corporate 3.0:

c9668bc25f1306f610bfdfc94b4b944c corporate/3.0/i586/libpython2.3-2.3.7-0.2.C30mdk.i586.rpm

f2720b0908488c72a4591c89a5d6be6e corporate/3.0/i586/libpython2.3-devel-2.3.7-0.2.C30mdk.i586.rpm

261fbcfe8cd18a217845051c7c2fdd75 corporate/3.0/i586/python-2.3.7-0.2.C30mdk.i586.rpm

1df9dfe4bacd9982da477f84daf4179e corporate/3.0/i586/python-base-2.3.7-0.2.C30mdk.i586.rpm

c848a40db3729c5d730409cc8b53ede2 corporate/3.0/i586/python-docs-2.3.7-0.2.C30mdk.i586.rpm

a6844df32103497417ed829693fb60f5 corporate/3.0/i586/tkinter-2.3.7-0.2.C30mdk.i586.rpm

c5f2ad7e5986ab7232658b40e8dea295 corporate/3.0/SRPMS/python-2.3.7-0.2.C30mdk.src.rpm

 

Corporate 3.0/X86_64:

0969a75152e437953cae2c309697536c corporate/3.0/x86_64/lib64python2.3-2.3.7-0.2.C30mdk.x86_64.rpm

e297c080c4ab2cd7c5f536a5cda758b2 corporate/3.0/x86_64/lib64python2.3-devel-2.3.7-0.2.C30mdk.x86_64.rpm

d6ddee2f8c6bbe82acb7d5fdaaa75913 corporate/3.0/x86_64/python-2.3.7-0.2.C30mdk.x86_64.rpm

1556e502527f22fad6771d95b288b9cc corporate/3.0/x86_64/python-base-2.3.7-0.2.C30mdk.x86_64.rpm

acdefbc7a2ed2dd31b6569002e4253e3 corporate/3.0/x86_64/python-docs-2.3.7-0.2.C30mdk.x86_64.rpm

49fd4e84a697d91c64ac5d91b63bf43c corporate/3.0/x86_64/tkinter-2.3.7-0.2.C30mdk.x86_64.rpm

c5f2ad7e5986ab7232658b40e8dea295 corporate/3.0/SRPMS/python-2.3.7-0.2.C30mdk.src.rpm

 

Multi Network Firewall 2.0:

cabb486b4f3c24c9fea9920db0576137 mnf/2.0/i586/libpython2.3-2.3.7-0.2.M20mdk.i586.rpm

60b4f62da866083a1c37ad42d532171b mnf/2.0/i586/libpython2.3-devel-2.3.7-0.2.M20mdk.i586.rpm

b5a2dc2a80a304b2095549b1d0c7c4c8 mnf/2.0/i586/python-2.3.7-0.2.M20mdk.i586.rpm

5964fa32ade61fc6d217481252e75d92 mnf/2.0/i586/python-base-2.3.7-0.2.M20mdk.i586.rpm

f8eb4c23e80dc5ee7cf4abdacc0d01cc mnf/2.0/i586/python-docs-2.3.7-0.2.M20mdk.i586.rpm

8ca87fc328dd2d3c4f21edc5f244e1cc mnf/2.0/i586/tkinter-2.3.7-0.2.M20mdk.i586.rpm

6bdfd7584a2e4094ce39424311368ce8 mnf/2.0/SRPMS/python-2.3.7-0.2.M20mdk.src.rpm

_______________________________________________________________________

 

To upgrade automatically use MandrivaUpdate or urpmi. The verification

of md5 checksums and GPG signatures is performed automatically for you.

 

All packages are signed by Mandriva for security. You can obtain the

GPG public key of the Mandriva Security Team by executing:

 

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 

You can view other update advisories for Mandriva Linux at:

 

http://www.mandriva.com/security/advisories

 

If you want to report vulnerabilities, please contact

 

security_(at)_mandriva.com

_______________________________________________________________________

 

Type Bits/KeyID Date User ID

pub 1024D/22458A98 2000-07-10 Mandriva Security Team

 

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.9 (GNU/Linux)

 

iD8DBQFJlDhYmqjQ0CJFipgRAjxAAJ9Ki28TLWrWrI/6ftj5bLVtNe4MsgCgoH19

A65A1tocyMcWLZBUV61a0KU=

=UwnZ

-----END PGP SIGNATURE-----

 

 

------------=_1234461625-6173-499

Content-Type: text/plain; name="message-footer.txt"

Content-Disposition: inline; filename="message-footer.txt"

Content-Transfer-Encoding: 8bit

 

To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org

with this subject : unsubscribe security-announce

_______________________________________________________

Want to buy your Pack or Services from Mandriva?

Go to http://www.mandrivastore.com

Join the Club : http://www.mandrivaclub.com

_______________________________________________________

 

------------=_1234461625-6173-499--