what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-003

Mandriva Linux Security Advisory 2009-003
Posted Jan 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-003 - Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow. Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. The updated Python packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary, python
systems | linux, mandriva
advisories | CVE-2008-4864, CVE-2008-5031
SHA-256 | 28d63a5f76ce1c5a97ac6618dfcd9bf320b89e89ddb038a765988adc6e0b6471

Mandriva Linux Security Advisory 2009-003

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:003
http://www.mandriva.com/security/
_______________________________________________________________________

Package : python
Date : January 9, 2009
Affected: 2008.0, 2008.1, 2009.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

Multiple integer overflows in imageop.c in the imageop module in
Python 1.5.2 through 2.5.1 allow context-dependent attackers to
break out of the Python VM and execute arbitrary code via large
integer values in certain arguments to the crop function, leading to
a buffer overflow, a different vulnerability than CVE-2007-4965 and
CVE-2008-1679. (CVE-2008-4864)

Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6,
allow context-dependent attackers to have an unknown impact via
a large integer value in the tabsize argument to the expandtabs
method, as implemented by (1) the string_expandtabs function in
Objects/stringobject.c and (2) the unicode_expandtabs function in
Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists
because of an incomplete fix for CVE-2008-2315. (CVE-2008-5031)

The updated Python packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
99e168ac1b7ae4bd0d340c2aac462e19 2008.0/i586/libpython2.5-2.5.2-2.3mdv2008.0.i586.rpm
8ddb89d22f9456e52758bdfc060cede1 2008.0/i586/libpython2.5-devel-2.5.2-2.3mdv2008.0.i586.rpm
c5b19e98a095f6000d5adc2009246ebb 2008.0/i586/python-2.5.2-2.3mdv2008.0.i586.rpm
4ce7cec71582068f7d5a00e1b53d9b2d 2008.0/i586/python-base-2.5.2-2.3mdv2008.0.i586.rpm
ad15a443a4f832e44864a83c2a6d6e4c 2008.0/i586/python-docs-2.5.2-2.3mdv2008.0.i586.rpm
1983242f6100f957af9d264de98119ec 2008.0/i586/tkinter-2.5.2-2.3mdv2008.0.i586.rpm
e99d03ebb07f9e6fc47f8619ea8cb832 2008.0/i586/tkinter-apps-2.5.2-2.3mdv2008.0.i586.rpm
2f8ff50c56f46c191b63878f11f7f606 2008.0/SRPMS/python-2.5.2-2.3mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
7b80a39d64b3a62eabd72cd63df8f2b4 2008.0/x86_64/lib64python2.5-2.5.2-2.3mdv2008.0.x86_64.rpm
bcb2d996aa22e004a8d1c142a62b852f 2008.0/x86_64/lib64python2.5-devel-2.5.2-2.3mdv2008.0.x86_64.rpm
75b8005ecb4df3d51da30a308ff7864b 2008.0/x86_64/python-2.5.2-2.3mdv2008.0.x86_64.rpm
1ee083182c06c5661a2d49e378fe314a 2008.0/x86_64/python-base-2.5.2-2.3mdv2008.0.x86_64.rpm
71659dba30fb79c8890992ff77cfae08 2008.0/x86_64/python-docs-2.5.2-2.3mdv2008.0.x86_64.rpm
f03df81a9505fc5480f717267eb4f59c 2008.0/x86_64/tkinter-2.5.2-2.3mdv2008.0.x86_64.rpm
8bbf6f28976deb9dc9c1651f4179bf3c 2008.0/x86_64/tkinter-apps-2.5.2-2.3mdv2008.0.x86_64.rpm
2f8ff50c56f46c191b63878f11f7f606 2008.0/SRPMS/python-2.5.2-2.3mdv2008.0.src.rpm

Mandriva Linux 2008.1:
40768be47280f91652106cae7d52bac3 2008.1/i586/libpython2.5-2.5.2-2.3mdv2008.1.i586.rpm
f740a094492e495a7058324c9d7fe5c0 2008.1/i586/libpython2.5-devel-2.5.2-2.3mdv2008.1.i586.rpm
8a3a54d6633b1067a303266551fbf11c 2008.1/i586/python-2.5.2-2.3mdv2008.1.i586.rpm
6ec33343842298ff0e8719cb69d8d8dd 2008.1/i586/python-base-2.5.2-2.3mdv2008.1.i586.rpm
6cf93281ad513c769a27e1a0aed24d89 2008.1/i586/python-docs-2.5.2-2.3mdv2008.1.i586.rpm
13b6d462c97fae761f889a9ef1f00445 2008.1/i586/tkinter-2.5.2-2.3mdv2008.1.i586.rpm
7503eb04531c6705d544a029575d5ba1 2008.1/i586/tkinter-apps-2.5.2-2.3mdv2008.1.i586.rpm
befe989985d13d16f6f23b9c44300010 2008.1/SRPMS/python-2.5.2-2.3mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
51bf8e6e9cfe26fc06540fb2e9c89a97 2008.1/x86_64/lib64python2.5-2.5.2-2.3mdv2008.1.x86_64.rpm
bdf744158bd3d0e856d34341db8f9766 2008.1/x86_64/lib64python2.5-devel-2.5.2-2.3mdv2008.1.x86_64.rpm
2e48265c3457815f1d8079bbbf289415 2008.1/x86_64/python-2.5.2-2.3mdv2008.1.x86_64.rpm
c6b77afb3b6f1263602d1ddcbb010582 2008.1/x86_64/python-base-2.5.2-2.3mdv2008.1.x86_64.rpm
d771f65c3c683e15688e243d7f6b5b31 2008.1/x86_64/python-docs-2.5.2-2.3mdv2008.1.x86_64.rpm
d392466b1043ed47431e26780402a923 2008.1/x86_64/tkinter-2.5.2-2.3mdv2008.1.x86_64.rpm
0c333970463f34e01192f50025e5418a 2008.1/x86_64/tkinter-apps-2.5.2-2.3mdv2008.1.x86_64.rpm
befe989985d13d16f6f23b9c44300010 2008.1/SRPMS/python-2.5.2-2.3mdv2008.1.src.rpm

Mandriva Linux 2009.0:
51130cd5a5075d3ba29c3b65393950fe 2009.0/i586/libpython2.5-2.5.2-5.2mdv2009.0.i586.rpm
e9a3c47de92e69dc45ee78ec09fdcdf7 2009.0/i586/libpython2.5-devel-2.5.2-5.2mdv2009.0.i586.rpm
1512cc21647372972d62143538110f0b 2009.0/i586/python-2.5.2-5.2mdv2009.0.i586.rpm
1ee69545d6e690add84393551b3008fb 2009.0/i586/python-base-2.5.2-5.2mdv2009.0.i586.rpm
4c2cf514d3bb03dc5690341ef8b57345 2009.0/i586/python-docs-2.5.2-5.2mdv2009.0.i586.rpm
7f3d125f0c601fbc650441e9d3d84660 2009.0/i586/tkinter-2.5.2-5.2mdv2009.0.i586.rpm
a5de9edf44334b6bd10914b29875b79d 2009.0/i586/tkinter-apps-2.5.2-5.2mdv2009.0.i586.rpm
a693a961c64a55661ff434db34514e54 2009.0/SRPMS/python-2.5.2-5.2mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
6c08e75992d0dbcc0588486ba110b7d0 2009.0/x86_64/lib64python2.5-2.5.2-5.2mdv2009.0.x86_64.rpm
14b108a893efbe023251b153d1e82510 2009.0/x86_64/lib64python2.5-devel-2.5.2-5.2mdv2009.0.x86_64.rpm
993aae03321911db6a6658b1d9c59770 2009.0/x86_64/python-2.5.2-5.2mdv2009.0.x86_64.rpm
2b7c1156968c717a439bc0f09cae6377 2009.0/x86_64/python-base-2.5.2-5.2mdv2009.0.x86_64.rpm
0d3827f4b2abd8d8708374a10f3d6a29 2009.0/x86_64/python-docs-2.5.2-5.2mdv2009.0.x86_64.rpm
850ba6348ca56583ac9d9cdcfe363cf9 2009.0/x86_64/tkinter-2.5.2-5.2mdv2009.0.x86_64.rpm
36bd4ed23029a5c85846306722c5c539 2009.0/x86_64/tkinter-apps-2.5.2-5.2mdv2009.0.x86_64.rpm
a693a961c64a55661ff434db34514e54 2009.0/SRPMS/python-2.5.2-5.2mdv2009.0.src.rpm

Corporate 4.0:
d1aaa4775604a3de987ea812484cbbe4 corporate/4.0/i586/libpython2.4-2.4.5-0.2.20060mlcs4.i586.rpm
044319e405c74c74ada649911fea096b corporate/4.0/i586/libpython2.4-devel-2.4.5-0.2.20060mlcs4.i586.rpm
70a92760d7ee37150357fd5eed43d0cd corporate/4.0/i586/python-2.4.5-0.2.20060mlcs4.i586.rpm
dd69e4feb812394c47140b42ec319dad corporate/4.0/i586/python-base-2.4.5-0.2.20060mlcs4.i586.rpm
40137c85bd8f45948823be862da2c224 corporate/4.0/i586/python-docs-2.4.5-0.2.20060mlcs4.i586.rpm
2f226b42cb832b2c9860f18528a71936 corporate/4.0/i586/tkinter-2.4.5-0.2.20060mlcs4.i586.rpm
83a6e83bb1b31cb4b5a43628e6a762d4 corporate/4.0/SRPMS/python-2.4.5-0.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
496d164ca85142afa629e3ea374810d2 corporate/4.0/x86_64/lib64python2.4-2.4.5-0.2.20060mlcs4.x86_64.rpm
0ee91a3adf261607b8df677d98b45704 corporate/4.0/x86_64/lib64python2.4-devel-2.4.5-0.2.20060mlcs4.x86_64.rpm
05be6f567bd0ae454878fbc91950d5e0 corporate/4.0/x86_64/python-2.4.5-0.2.20060mlcs4.x86_64.rpm
5fcaa1f9cc19b6c7a69422fee87081cb corporate/4.0/x86_64/python-base-2.4.5-0.2.20060mlcs4.x86_64.rpm
e449b5dc09573a81c2d46305c0dcc641 corporate/4.0/x86_64/python-docs-2.4.5-0.2.20060mlcs4.x86_64.rpm
7e41ff74e33e237c319c36d7de726f3c corporate/4.0/x86_64/tkinter-2.4.5-0.2.20060mlcs4.x86_64.rpm
83a6e83bb1b31cb4b5a43628e6a762d4 corporate/4.0/SRPMS/python-2.4.5-0.2.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJZ8kcmqjQ0CJFipgRAid1AJ4r2XGu3/mwmj94DeibPLPf3SLhcQCeLATO
i4D9EZtmJCdN/0XK3eWOBnc=
=iXWH
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close