Debian DSA-1667-1 : python2.4 - several vulnerabilities
High Nessus Plugin ID 34823
The remote Debian host is missing a security-related update.
Several vulnerabilities have been discovered in the interpreter for the Python language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2315 David Remahl discovered several integer overflows in the stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, and mmapmodule modules. - CVE-2008-3142 Justin Ferguson discovered that incorrect memory allocation in the unicode_resize() function can lead to buffer overflows. - CVE-2008-3143 Several integer overflows were discovered in various Python core modules. - CVE-2008-3144 Several integer overflows were discovered in the PyOS_vsnprintf() function.
Upgrade the python2.4 packages. For the stable distribution (etch), these problems have been fixed in version 2.4.4-3+etch2.