
Pardus alert 2010-76 (python)

From:  Eren Turkay <eren@pardus.org.tr>
To:  pardus-security@pardus.org.tr
Subject:  [Pardus-security] [PLSA 2010-76] Python: Multiple Vulnerabilities
Date:  Tue, 15 Jun 2010 12:39:35 +0300 (EEST)
Message-ID:  <20100615093935.0EF6EA7AC79@lider.pardus.org.tr>

------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-76            security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-06-15
  Severity: 3
      Type: Local
------------------------------------------------------------------------

Summary
=======

Multiple incorrect buffer overflow checks which can be used to cause
denial of service in audioop module have been fixed.

Description
===========

CVE-2010-1634:

Multiple integer overflows in audioop.c in the audioop module in Python
2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a
denial of service (application crash) via a large fragment, as
demonstrated by a call to audioop.lin2lin with a long string in the
first argument, leading to a buffer overflow. NOTE: this vulnerability
exists because of an incorrect fix for CVE-2008-3143.5.

CVE-2010-2089:

The audioop module in Python 2.7 and 3.2 does not verify the
relationships between size arguments and byte string lengths, which
allows context-dependent attackers to cause a denial of service (memory
corruption and application crash) via crafted arguments, as demonstrated
by a call to audioop.reverse with a one-byte string, a different
vulnerability than CVE-2010-1634.

Affected packages:

  Pardus 2009:
    python, all before 2.6.5-57-17

Resolution
==========

There are update(s) for python. You can update them via Package Manager
or with a single command from console:

    pisi up python

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=13265

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security
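The two checks the advisory's CVE descriptions turn on (a length computation that must not overflow, and a size argument that must match the byte string length), sketched as an added example that is not part of the advisory and is not CPython's audioop.c. The function names and the INT_MAX cap on the output length are assumptions.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helpers for illustration; not CPython's audioop.c. */

/* A sample width is valid only if it is 1, 2 or 4 bytes. */
static int width_ok(int size)
{
    return size == 1 || size == 2 || size == 4;
}

/* The fragment must contain a whole number of size-byte samples. */
static int fragment_ok(size_t len, int size)
{
    return width_ok(size) && len % (size_t)size == 0;
}

/*
 * Output length for converting len bytes of size-byte samples into
 * size2-byte samples. Returns 0 and sets *out_len, or -1 on bad input.
 * Assumption: the result must fit in an int (INT_MAX cap).
 */
int lin2lin_outlen(size_t len, int size, int size2, size_t *out_len)
{
    if (!fragment_ok(len, size) || !width_ok(size2))
        return -1;
    size_t nsamples = len / (size_t)size;
    /* Divide before multiplying, so the check itself cannot wrap. */
    if (nsamples > (size_t)INT_MAX / (size_t)size2)
        return -1;
    *out_len = nsamples * (size_t)size2;
    return 0;
}

int main(void)
{
    size_t n = 0;
    /* Constructed inputs: valid, one-byte fragment with width 2, oversized. */
    printf("%d\n", lin2lin_outlen(4, 2, 4, &n));
    printf("%d\n", lin2lin_outlen(1, 2, 2, &n));
    printf("%d\n", lin2lin_outlen((size_t)INT_MAX, 1, 4, &n));
    return 0;
}
```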



Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds