Mandriva Linux Security Advisory : python (MDVSA-2008:163)
Critical Nessus Plugin ID 37212
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows (CVE-2008-1679). This was due to an incomplete fix for CVE-2007-4965.
David Remahl of Apple Product Security reported several integer overflows in a number of core modules (CVE-2008-2315). He also reported an integer overflow in the hashlib module on Python 2.5 that lead to unreliable cryptographic digest results (CVE-2008-2316).
Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems (CVE-2008-3142).
Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2 (CVE-2008-3143).
Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption (CVE-2008-3144).
The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package.
SolutionUpdate the affected packages.