~ubuntu-security/ubuntu-cve-tracker/master

PublicDate: 2008-04-22
Candidate: CVE-2008-1679
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
 http://www.ubuntu.com/usn/usn-632-1
Description:
 Multiple integer overflows in imageop.c in Python before 2.5.3 allow
 context-dependent attackers to cause a denial of service (crash) and
 possibly execute arbitrary code via crafted images that trigger heap-based
 buffer overflows.  NOTE: this issue is due to an incomplete fix for
 CVE-2007-4965.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/python2.4/+bug/227246
Priority: medium
Discovered-by:
Assigned-to: kees

Patches_python2.5:
upstream_python2.5: needs-triage
dapper_python2.5: DNE
feisty_python2.5: released (2.5.1-0ubuntu1.2)
gutsy_python2.5: released (2.5.1-5ubuntu5.2)
hardy_python2.5: not-affected
devel_python2.5: not-affected

Patches_python2.4:
 vendor: http://www.debian.org/security/2008/dsa-1551
upstream_python2.4: needs-triage
dapper_python2.4: released (2.4.3-0ubuntu6.2)
feisty_python2.4: released (2.4.4-2ubuntu7.2)
gutsy_python2.4: released (2.4.4-6ubuntu4.2)
hardy_python2.4: not-affected
devel_python2.4: not-affected