Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 121009

Summary: python: stack smashing attack
Product: Gentoo Linux Reporter: Barbu Eros Iulian <eibarbu>
Component: New packagesAssignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: 2005.1   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Barbu Eros Iulian 2006-01-30 22:14:43 UTC 
emerge pycrypto
Calculating dependencies  ...done!
>>> emerge (1 of 1) dev-python/pycrypto-2.0.1-r1 to /
python: stack smashing attack in function sha_done()
Aborted
--------------------
emerge portage
Calculating dependencies  ...done!
>>> emerge (1 of 1) sys-apps/portage-2.1_pre4-r1 to /
>>> Downloading ftp://ftp.roedu.net/pub/mirrors/gentoo.org/distfiles/portage-2.1_pre4.tar.bz2
--08:13:09--  ftp://ftp.roedu.net/pub/mirrors/gentoo.org/distfiles/portage-2.1_pre4.tar.bz2
           => `/usr/portage/distfiles/portage-2.1_pre4.tar.bz2'
Resolving ftp.roedu.net... 141.85.128.58
Connecting to ftp.roedu.net|141.85.128.58|:21... connected.
Logging in as anonymous ... Logged in!
==> SYST ... done.    ==> PWD ... done.
==> TYPE I ... done.  ==> CWD /pub/mirrors/gentoo.org/distfiles ... done.
==> PASV ... done.    ==> RETR portage-2.1_pre4.tar.bz2 ... done.
Length: 249,753 (244K) (unauthoritative)

100%[====================================>] 249,753     1006.46K/s

08:13:10 (1003.79 KB/s) - `/usr/portage/distfiles/portage-2.1_pre4.tar.bz2' saved [249753]

>>> checksums files   ;-) portage-2.1_pre4-r1.ebuild
>>> checksums files   ;-) portage-2.0.53.ebuild
>>> checksums files   ;-) portage-2.1_pre3-r1.ebuild
>>> checksums files   ;-) portage-2.0.54.ebuild
>>> checksums files   ;-) portage-2.0.51.22-r3.ebuild
>>> checksums files   ;-) files/05portage.envd
>>> checksums files   ;-) files/2.0.51.22-fixes.patch
>>> checksums files   ;-) files/xterm-titles.patch
>>> checksums files   ;-) files/digest-portage-2.0.53
>>> checksums files   ;-) files/digest-portage-2.0.54
python: stack smashing attack in function sha_done()
Aborted
Comment 1 Barbu Eros Iulian 2006-01-30 22:15:22 UTC 
Portage 2.1_pre3-r1 (default-linux/x86/2005.0, gcc-3.4.5, glibc-2.3.6-r2, 2.6.15-gentoo-r1 i686)
=================================================================
System uname: 2.6.15-gentoo-r1 i686 Intel(R) Pentium(R) 4 CPU 1.50GHz
Gentoo Base System version 1.12.0_pre15
ccache version 2.4 [enabled]
dev-lang/python:     2.4.2
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1-r1
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r3
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O3 -march=pentium4 -mtune=pentium4 -pipe -ftracer -fforce-addr -falign-functions=32 -mfpmath=sse -fprefetch-loop-arrays -momit-leaf-frame-pointer -fomit-frame-pointer -ffast-math -fexpensive-optimizations"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3.4/env /usr/kde/3.4/share/config /usr/kde/3.4/shutdown /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/kde/3/share/config /usr/lib/X11/xkb /usr/lib/mozilla/defaults/pref /usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O3 -march=pentium4 -mtune=pentium4 -pipe -ftracer -fforce-addr -falign-functions=32 -mfpmath=sse -fprefetch-loop-arrays -momit-leaf-frame-pointer -fomit-frame-pointer -ffast-math -fexpensive-optimizations -fvisibility-inlines-hidden -fvisibility=hidden"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig buildpkg candy ccache distlocks moo prelink sandbox sfperms strict userpriv usersandbox"
GENTOO_MIRRORS="ftp://ftp.roedu.net/pub/mirrors/gentoo.org/"
LDFLAGS="-Wl,-O1 -Wl,--enable-new-dtags -Wl,--sort-common -s"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://gentoo.umfiasi.ro/gentoo-portage/"
USE="x86 3dnow 3dnowext X aalib acl alsa apm arts audiofile avi berkdb bitmap-fonts bzip2 cdb cdr chm cpudetection crypt cups curl dba eds emboss encode esd exif expat fam ffmpeg flac foomaticdb fortran gd gdbm gif gimp gimpprint glut gmp gnome gphoto2 gpm gstreamer gtk gtk2 gtkhtml hal howl idn imagemagick imlib java jpeg junit lcms libbeagle libcaca libg++ libwww mad matroska mhash mikmod mmx mmxext mng mono motif mozilla mp3 mpeg mysql ncurses nls nvidia ogg oggvorbis opengl oss pam pcre pdf pdflib perl png python qt quicktime readline real recode samba scanner sdl skey slang sms snmp speex spell sqlite sse sse2 ssl svg svga tcltk tcpd tiff truetype truetype-fonts type1-fonts udev usb vorbis webservices win32codecs wmf wxgtk1 xine xml2 xmms xv xvid yahoo zlib elibc_glibc kernel_linux userland_GNU"
Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LINGUAS
Comment 2 Jakub Moc (RETIRED) gentoo-dev 2006-01-30 23:46:39 UTC 

*** This bug has been marked as a duplicate of 120846 ***