Summary: | dev-lang/python imageop some more integer-overflows (CVE-2008-1679) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | python | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://bugs.python.org/issue1179 | ||||||
Whiteboard: | A3 [glsa] | ||||||
Package list: | Runtime testing required: | --- | |||||
Bug Depends on: | |||||||
Bug Blocks: | 217221, 246006 | ||||||
Attachments: |
|
Description
Robert Buchholz (RETIRED)
2008-04-07 09:29:10 UTC
There is a patch on the python.org bug. (In reply to comment #1) > There is a patch on the python.org bug. > The attached patch doesn't solve the problem here.. I'll try to come up with a better fix tomorrow as we wait for an upstream fix :) You mean the POC still crashes Python even with the patch included? I did not try to reproduce that myself. ping (In reply to comment #3) > You mean the POC still crashes Python even with the patch included? I did not > try to reproduce that myself. > Yes it does. imageop is removed in 3.0¹ and it's not built on 64 bit systems because it's not Py_ssize_t safe. I have no interest in fixing this and nothing depends on this module on the tree. I say let's remove it or add a big fat warning to the ebuild not to use it. ¹:http://bugs.python.org/msg66407 Please remove the imageop feature then, instead of printing a one-time warning. python-2.3.6-r6, python-2.4.4-r13 and python-2.5.2-r4 don't build imageop on 32 bit as well. Arches, please test and mark stable: =dev-lang/python-2.3.6-r6 =dev-lang/python-2.4.4-r13 Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 release s390 sh sparc x86" @Ali: This might obsolete bug 211281, but as usual we will close the security bug regardless whether arm&co are stabled. dev-lang/python-2.3.6-r6 USE="berkdb cxx gdbm ipv6 ncurses readline ssl threads -bootstrap -build -doc -examples -tk -ucs2"
minor stuff:
>>> Source compiled.
mv: cannot stat `/var/tmp/portage/dev-lang/python-2.3.6-r6/work/Python-2.3.6/Lib/test/test_subprocess.py': No such file or directory
mv: cannot stat `/var/tmp/portage/dev-lang/python-2.3.6-r6/work/Python-2.3.6/Lib/test/test_tcl.py': No such file or directory
but fails this test on amd64/x86 (regression):
test_bsddb
test test_bsddb failed -- errors occurred; run in verbose mode for details
test_bsddb185
test_bsddb185 skipped -- No module named bsddb185
test_bsddb3
test_bsddb3 skipped -- Use of the `bsddb' resource not enabled
...
205 tests OK.
1 test failed:
test_bsddb
41 tests skipped:
test_aepack test_al test_asynchat test_audioop test_bsddb185
test_bsddb3 test_cd test_cl test_curses test_dl test_email_codecs
test_fork1 test_gl test_imageop test_imgfile test_imp
test_linuxaudiodev test_logging test_macfs test_macostools
test_nis test_normalization test_ossaudiodev test_pep277
test_plistlib test_queue test_rgbimg test_scriptpackages
test_socket test_socket_ssl test_socketserver test_sunaudiodev
test_thread test_threaded_import test_threadedtempfile
test_threading test_timeout test_unicode_file test_urllibnet
test_winreg test_winsound
13 skips unexpected on linux2:
test_threadedtempfile test_socket test_threaded_import test_fork1
test_rgbimg test_threading test_imp test_thread test_queue
test_asynchat test_audioop test_imageop test_logging
make: *** [test] Error 1
*
* ERROR: dev-lang/python-2.3.6-r6 failed.
* Call stack:
* ebuild.sh, line 49: Called src_test
* environment, line 3452: Called die
* The specific snippet of code:
* make test || die "make test failed";
* The die message:
* make test failed
dev-lang/python-2.4.4-r13 looks good so far.
Same error on python-2.3 on alpha/ia64/sparc Same test fails for alpha. I see the bsddb test failure on dev-lang/python-2.3.6-r6 but not on 2.4.4-r13. In addition I see failure of test_pow (pow(-1, 1.23e167) throws an excpetion), but that is no regression from current stable (2.4.4-r9). Stable for HPPA. Created attachment 154145 [details]
Build log for 2.4.4-r9 on alpha with failing test_pow
A build log, as requested by hawking on IRC.
Built with:
USE="berkdb -gdbm" FEATURES=test emerge -av --oneshot =dev-lang/python-2.4.4-r9
--- ChangeLog 2008-05-25 16:01:31.455794900 +0300 +++ ChangeLog.new 2008-05-25 16:02:35.904148669 +0300 @@ -2,6 +2,12 @@ + 25 May 2008; Ali Polatel <hawking@gentoo.org> + +files/python-2.3.6-disable-failing-tests.patch, python-2.3.6-r6.ebuild, + python-2.4.4-r13.ebuild, python-2.5.2-r4.ebuild: + Added patch to disable failing test_bsddb test for 2.3. Disable test_pow + on alpha until upstream comes up with a fix. + Appearently pow() fails for all version of python on alpha and upstream is aware¹ of that. Disabled the test until upstream comes up with a fix. ¹:http://bugs.python.org/issue756093 both stable on alpha ia64/sparc stable (In reply to comment #9) > dev-lang/python-2.3.6-r6 USE="berkdb cxx gdbm ipv6 ncurses readline ssl > threads -bootstrap -build -doc -examples -tk -ucs2" > but fails this test on amd64/x86 (regression): > test_bsddb > test test_bsddb failed -- errors occurred; run in verbose mode for details No problems here on x86. ppc stable ppc64 stable amd64/x86 stable Fixed in release snapshot. glsa request filed. GLSA 200807-01 |