[Bug 163845] Re: [python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS

Launchpad Bug Tracker Thu, 03 Jan 2008 09:21:37 -0800

This bug was fixed in the package python2.5 - 2.5.1-6ubuntu1

---------------
python2.5 (2.5.1-6ubuntu1) hardy; urgency=low


  * Merge with Debian; remaining changes:
    - Include the pregenerated documentation.
    - Set priority of python2.5-minimal to required.
    - Build python2.5-doc from the pregenerated documentation.

python2.5 (2.5.1-6) unstable; urgency=low

  * Update to 20080102, taken from the 2.5 release branch.
    - Only define _BSD_SOURCE on OpenBSD systems. Closes: #455400.
  * Fix handling of packages in linecache.py (Kevin Goodsell). LP: #70902.
  * Bump debhelper to v5.
  * Register binfmt for .py[co] files.
  * Use absolute paths when byte-compiling files. Addresses: #453346.
    Closes: #413566, LP: #177722.
  * CVE-2007-4965, http://bugs.python.org/issue1179:
    Multiple integer overflows in the imageop module in Python 2.5.1 and
    earlier allow context-dependent attackers to cause a denial of service
    (application crash) and possibly obtain sensitive information (memory
    contents) via crafted arguments to (1) the tovideo method, and unspecified
    other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other
    files, which trigger heap-based buffer overflows.
    Patch prepared by Stephan Herrmann. Closes: #443333, LP: #163845.
  * Register info docs when doing source only uploads. LP: #174786.
  * Remove deprecated value from categories in desktop file. LP: #172874.
  * python2.5-dbg: Don't include the gdbm and _tkinter extensions, now provided
    in separate packages.
  * Provide a symlink changelog -> NEWS. Closes: #439271.
  * Fix build failure on hurd, working around poll() on systems on which it
    returns an error on invalid FDs. Closes: #438914.
  * Configure --with-system-ffi on all architectures. Closes: #448520.
  * Fix version numbers in copyright and README files (Dan O'Huiginn).
    Closes: #446682.

 -- Matthias Klose <[EMAIL PROTECTED]>   Thu, 03 Jan 2008 16:21:32 +0100

** Changed in: python2.5 (Ubuntu)
       Status: In Progress => Fix Released

-- 
[python] Multiple integer overflow vulnerabilities possibly resulting in the 
execution of arbitrary code or DoS
https://bugs.launchpad.net/bugs/163845
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 163845] Re: [python] Multiple integer overflow vulnerabilities possibly resulting in the execution of arbitrary code or DoS

Reply via email to