PLD Linux

Overview
Code
Bugs
Blueprints
Translations
Answers

python <= 2.5.2, zlib module buffer overflow

Bug #216503 reported by Marcin Banasiak on 2008-04-12

254

Affects		Status	Importance	Assigned to	Milestone
	PLD Linux	Fix Released	High	Elan Ruusamäe

Bug Description

Description:
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

Tags:

CVE References

2008-1721

Revision history for this message

Marcin Banasiak (megabajt) wrote on 2008-04-12:

Patch can be found at http://svn.python.org/view?rev=62235&view=rev

Revision history for this message

Elan Ruusamäe (glen666) wrote on 2008-04-13:

python-2.5.2-3.src.rpm.info moved to th-main

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.