Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 27 Oct 2008 17:22:44 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: oss-security@...ts.openwall.com, coley@...re.org
Subject: CVE request -- Python imageop#3

Hello Steve,

  could you please allocate a new CVE id for the
following Python integer / buffer overflow in imageop module -
from commit log:

"fix security issue 2: imageop's poor validation of arguments could
result in segfaults"

Proposed patch:
against trunk: http://svn.python.org/view?rev=66689&view=rev
against release-25maint: http://svn.python.org/view?rev=66690&view=rev

Affected Python versions: 1.5.2 through 2.5.1

This issue yet different one, than two previous Python imageop
related security issues (CVE-2007-4965 and CVE-2008-1679):

CVE-2007-4965 imageop module heap overflow / corruption / infinite loop)
its patch against trunk: http://svn.python.org/view?rev=65880&view=rev
its patch against release-25maint: http://svn.python.org/view?rev=65878&view=rev

CVE-2008-1679 (imageop integer overflow -incomplete fix of CVE-2007-4965)
advisory: https://issues.rpath.com/browse/RPL-2424
patch:  http://bugs.python.org/file9975/python-2.5-int-overflow-2.patch
The patch for this issue has been in upstream included into CVE-2008-4965.patch.


Thanks, Jan.
-- 
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ