[<prev] [next>] [<thread-prev] [month] [year] [list]
Date: Mon, 10 Nov 2008 13:04:40 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: Chris Evans <scarybeasts@...il.com>
cc: oss-security@...ts.openwall.com, "Steven M. Christey" <coley@...re.org>,
Will Drewry <redpig@...rt.org>
Subject: Re: CVE Request - Python string expandtabs
======================================================
Name: CVE-2008-5031
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031
Reference: MLIST:[oss-security] 20081105 CVE Request - Python string expandtabs
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/05/2
Reference: MLIST:[oss-security] 20081105 Re: CVE Request - Python string expandtabs
Reference: URL:http://www.openwall.com/lists/oss-security/2008/11/05/3
Reference: MISC:http://scary.beasts.org/security/CESA-2008-008.html
Reference: CONFIRM:http://svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Objects/stringobject.c
Reference: CONFIRM:http://svn.python.org/view/python/trunk/Objects/unicodeobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/unicodeobject.c&p2=/python/trunk/Objects/unicodeobject.c
Reference: CONFIRM:http://svn.python.org/view?rev=61350&view=rev
Multiple integer overflows in Python 2.5.2 allow context-dependent
attackers to have an unknown impact via a large integer value in the
tabsize argument to the expandtabs method, as implemented by (1) the
string_expandtabs function in Objects/stringobject.c and (2) the
unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this
vulnerability reportedly exists because of an incomplete fix for
CVE-2008-2315.
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux