This bug was fixed in the package python2.4 - 2.4.4-7ubuntu1
---------------
python2.4 (2.4.4-7ubuntu1) hardy; urgency=low
* Merge with Debian; remaining changes:
- Rebuild the control file.
- Build the -doc package from this source.
python2.4 (2.4.4-7) unstable; urgency=low
* SVN update up to 2007-12-23.
* Register binfmt for .py[co] files.
* Use -fwrapv when GCC supports it.
* Rename all exported symbols to avoid conflicts with similarly named
symbols in other libraries (Robert Edmonds). Closes: #440272.
* Use absolute paths when byte-compiling files. Closes: #453346.
* CVE-2007-4965, http://bugs.python.org/issue1179:
Multiple integer overflows in the imageop module in Python 2.5.1 and
earlier allow context-dependent attackers to cause a denial of service
(application crash) and possibly obtain sensitive information (memory
contents) via crafted arguments to (1) the tovideo method, and unspecified
other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other
files, which trigger heap-based buffer overflows.
Patch prepared by Stephan Herrmann. Closes: #443335, LP: #163845.
* Remove deprecated value from categories in desktop file. LP: #172874.
* python2.4-dbg: Don't include the gdbm and _tkinter extensions, now provided
in separate packages.
* Provide a symlink changelog -> NEWS. Closes: #439271.
-- Matthias Klose <[EMAIL PROTECTED]> Thu, 03 Jan 2008 13:11:54 +0000
** Changed in: python2.4 (Ubuntu)
Status: In Progress => Fix Released
--
[python] Multiple integer overflow vulnerabilities possibly resulting in the
execution of arbitrary code or DoS
https://bugs.launchpad.net/bugs/163845
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
