Date: Wed, 29 Oct 2008 11:28:33 +0100 From: Jan Lieskovsky <jlieskov@...hat.com> To: coley@...re.org Cc: oss-security@...ts.openwall.com Subject: CVE Request - Python imageop Hello Steve, could you please assign a new CVE id for the following Python imageop integer / buffer overflow. Advisory and PoC at: http://scary.beasts.org/security/CESA-2008-008.html (The other issues from this link were addressed within the mega "[vendor-sec] Multiple python vulnerabilities (CVE-2008-2315, CVE-2008-2316)" thread.) Proposed patch: against trunk: http://svn.python.org/view?rev=66689&view=rev against release-25maint: http://svn.python.org/view?rev=66690&view=rev Affected Python versions: 1.5.2 through 2.5.1 This issue different one from CVE-2007-4965 and CVE-2008-1679. Thanks! -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.