From ${URL} : Description A vulnerability has been discovered in Python, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "sock_recvfrom_into()" function (Modules/socketmodule.c) and can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 2.7 and reported in versions 3.1, 3.2, and 3.3. Solution: Fixed in the source code repository. Further details available to Secunia VIM customers Provided and/or discovered by: Ryan Smith-Roberts within a bug ticket. Original Advisory: http://bugs.python.org/issue20246 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
*** Bug 502404 has been marked as a duplicate of this bug. ***
*** Bug 503348 has been marked as a duplicate of this bug. ***
Created attachment 381668 [details, diff] CVE-2014-1912-recvfrom_into.patch
CVE-2014-1912 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-1912): Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
Please go ahead and stabilize dev-lang/python-2.7.7 and dev-lang/python-3.3.5. Somebody should probably back-port the fix for python-3.2. http://hg.python.org/cpython/rev/9c56217e5c79/
I think this still leaves us vulnerable to bug 514686, so this will likely be followed by a revbump or version bump for that bug whenever someone can get to it.
Arches, please test and mark stable =dev-lang/python-2.7.7 =dev-lang/python-3.2.5-r6 =dev-lang/python-3.3.5-r1 Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
(In reply to Sergey Popov from comment #7) > Arches, please test and mark stable > > =dev-lang/python-2.7.7 > =dev-lang/python-3.2.5-r6 > =dev-lang/python-3.3.5-r1 You forgot: =dev-tcltk/tix-8.4.3-r1 > Target keywords: alpha amd64 arm hppa ia64 ppc ppc64 sparc x86
Stable for HPPA.
Stable on alpha.
amd64 stable
x86 stable
arm stable
ia64/sparc stable
ppc stable
ppc64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Cleanup done.
(In reply to Dirkjan Ochtman from comment #17) > Cleanup done. Thank you for cleanup. I'm changing title to < 3.3.4 as this is the version mentioned in CVE as fixed for this branch so it seems OK that this is still in the tree. New GLSA request filed.
This issue was resolved and addressed in GLSA 201503-10 at https://security.gentoo.org/glsa/201503-10 by GLSA coordinator Kristian Fiskerstrand (K_F).
