Mandriva Linux Security Advisory : python (MDVSA-2008:085)
High Nessus Plugin ID 37899
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionInteger signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow (CVE-2008-1721).
A buffer overflow vulnerability was also found in the PyString_FromStringAndSize() function (CVE-2008-1887).
The updated packages have been patched to prevent these issues.
SolutionUpdate the affected packages.