Summary: | <dev-lang/python-{2.6.5-r3,3.1.2-r4}: audioop: Multiple vulnerabilities (CVE-2010-{1634,2089}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | python |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2010-06-25 20:46:31 UTC
CVE-2010-2089 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2089): The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. (In reply to comment #1) > CVE-2010-2089 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2089): > The audioop module in Python 2.7 and 3.2 does not verify the > relationships between size arguments and byte string lengths, which > allows context-dependent attackers to cause a denial of service > (memory corruption and application crash) via crafted arguments, as > demonstrated by a call to audioop.reverse with a one-byte string, a > different vulnerability than CVE-2010-1634. This problem is not yet fixed by upstream and also concerns at least Python 2.6. CVE-2010-1634: http://bugs.python.org/issue8674 CVE-2010-2089: http://bugs.python.org/issue7673 Fixed in 2.6.5-r3 and 3.1.2-r4. I will request stabilizations in separate bugs after some days of testing. Arfever: What's the status here? (In reply to comment #5) 2.6.5-r3 and 3.1.2-r4 still have a Gentoo-specific regression in handling of environmental variables (bug #329705). Do you want stabilization of 2.6.5-r3 and 3.1.2-r4 or wait for stabilization of newer, fixed versions? (In reply to comment #6) I'm withdrawing this question. *** Bug 331247 has been marked as a duplicate of this bug. *** *** Bug 331249 has been marked as a duplicate of this bug. *** Please stabilize dev-lang/python-2.6.5-r3 and dev-lang/python-3.1.2-r4. stable x86 amd64 done alpha/arm/ia64/m68k/s390/sh/sparc stable Marked both ppc stable, marked 2.6.5-r3 stable on ppc64 because it doesn't have a stable keyword for 3.x yet. Stable for HPPA. Security team, can this be closed? adding ppc64 I believe ppc64 is done now. For the 2.6 branch, I stabilized out of bug 342927 but got the 3.1 branch here. GLSA request filed. This issue was resolved and addressed in GLSA 201401-04 at http://security.gentoo.org/glsa/glsa-201401-04.xml by GLSA coordinator Sergey Popov (pinkbyte). |