Summary: | dev-lang/python-1.5.2<=2.5.1 imageop.c multiple integer overflows (CVE-2008-4864) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | python |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://svn.python.org/view?rev=66689;view=rev | ||
Whiteboard: | A1 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 216673 | ||
Bug Blocks: |
Description
Stefan Behte (RETIRED)
2008-11-07 21:22:37 UTC
Also see: http://svn.python.org/view/python/trunk/Modules/imageop.c?rev=66689;view=diff;r1=66689;r2=66688;p1=python/trunk/Modules/imageop.c;p2=/python/trunk/Modules/imageop.c This might be used in a webapplication and lead to remote compromise, but it should allow local privilege escalation, so giving it a severity of A1. Python: please confirm that we've already disabled imageop in all our in-tree versions, see https://bugs.gentoo.org/show_bug.cgi?id=216673 python: *ping* Looks like one should be closed... (In reply to comment #2) > Python: please confirm that we've already disabled imageop in all our in-tree > versions, see https://bugs.gentoo.org/show_bug.cgi?id=216673 > *ping* 2.5.2-r7 and 2.5.4-r2 are stable on all architectures. /var/tmp/portage/dev-lang/python-2.4.6/work/2.4.6 $ cat 19_all_no-imageop.patch --- setup.py 2008-05-21 10:26:35.000000000 +0300 +++ setup.py 2008-05-21 10:27:11.000000000 +0300 @@ -434,7 +434,8 @@ # Disabled on 64-bit platforms if sys.maxint != 9223372036854775807L: # Operations on images - exts.append( Extension('imageop', ['imageop.c']) ) + # Disable on 32 bit as well due to #216673 + # exts.append( Extension('imageop', ['imageop.c']) ) # Read SGI RGB image files (but coded portably) exts.append( Extension('rgbimg', ['rgbimgmodule.c']) ) |