Date: Wed, 29 Oct 2008 11:28:33 +0100 From: Jan Lieskovsky <jlieskov@...hat.com> To: coley@...re.org Cc: oss-security@...ts.openwall.com Subject: CVE Request - Python imageop Hello Steve, could you please assign a new CVE id for the following Python imageop integer / buffer overflow. Advisory and PoC at: http://scary.beasts.org/security/CESA-2008-008.html (The other issues from this link were addressed within the mega "[vendor-sec] Multiple python vulnerabilities (CVE-2008-2315, CVE-2008-2316)" thread.) Proposed patch: against trunk: http://svn.python.org/view?rev=66689&view=rev against release-25maint: http://svn.python.org/view?rev=66690&view=rev Affected Python versions: 1.5.2 through 2.5.1 This issue different one from CVE-2007-4965 and CVE-2008-1679. Thanks! -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ