Gentoo Archives: gentoo-announce

From: Robert Buchholz <rbu@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200807-16 ] Python: Multiple vulnerabilities
Date: Thu, 31 Jul 2008 23:35:27
Message-Id: 200808010133.31885.rbu@gentoo.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200807-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Python: Multiple vulnerabilities
Date: July 31, 2008
Bugs: #230640, #232137
ID: 200807-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Python may allow for the execution of
arbitrary code.

Background
==========

Python is an interpreted, interactive, object-oriented programming
language.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  dev-lang/python       < 2.5.2-r6                     *>= 2.4.4-r14
                                                            >= 2.5.2-r6

Description
===========

Multiple vulnerabilities were discovered in Python:

* David Remahl of Apple Product Security reported several integer
  overflows in core modules such as stringobject, unicodeobject,
  bufferobject, longobject, tupleobject, stropmodule, gcmodule and
  mmapmodule (CVE-2008-2315).

* David Remahl of Apple Product Security also reported an integer
  overflow in the hashlib module, leading to unreliable cryptographic
  digest results (CVE-2008-2316).

* Justin Ferguson reported multiple buffer overflows in unicode
  string processing that only affect 32-bit systems (CVE-2008-3142).

* The Google Security Team reported multiple integer overflows
  (CVE-2008-3143).

* Justin Ferguson reported multiple integer underflows and overflows
  in the PyOS_vsnprintf() function, and an off-by-one error when
  passing zero-length strings, leading to memory corruption
  (CVE-2008-3144).

Impact
======

A remote attacker could exploit these vulnerabilities in Python
applications or daemons that pass user-controlled input to vulnerable
functions. Exploitation might lead to the execution of arbitrary code
or a Denial of Service. The vulnerabilities within hashlib might lead
to weakened cryptographic protection of data integrity or authenticity.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Python 2.4 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/python-2.4.4-r14"

All Python 2.5 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/python-2.5.2-r6"

Please note that Python 2.3 has been masked since June 24, and we will
not be releasing updates to it. It will be removed from the tree in the
near future.

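A small inventory check written for this advisory (added here; it is not part of the GLSA or of Gentoo's tooling) that encodes the "Affected packages" table and the Resolution atoms, so an installed dev-lang/python version string can be classified as vulnerable or unaffected, including the 2.4-branch-only fix marked with "*". It assumes a simplified version grammar (dotted numbers plus an optional -rN revision) and, as an assumption, points 2.3.x installs at the 2.5 atom since the advisory ships no fix for 2.3.

```python
import re
from typing import Optional, Tuple

# Simplified Gentoo version grammar (assumption): dotted numeric components
# plus an optional -rN revision. Suffixes such as _p1 or _rc1 are rejected.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:-r(\d+))?$")

def parse_version(version: str) -> Tuple[Tuple[int, ...], int]:
    """Return (components, revision) so that Python tuple ordering matches
    Gentoo ordering for the versions named in this advisory."""
    m = _VERSION_RE.match(version)
    if not m:
        raise ValueError(f"unsupported version string: {version!r}")
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2) or 0)

# Ranges taken from the "Affected packages" table of GLSA 200807-16.
FIXED_25 = parse_version("2.5.2-r6")    # >= 2.5.2-r6 is unaffected
FIXED_24 = parse_version("2.4.4-r14")   # *>= 2.4.4-r14: unaffected within 2.4.x only
BRANCH_25 = ((2, 5), 0)                 # anything >= 2.5 is outside the 2.4 branch

def is_vulnerable(installed: str) -> bool:
    """True if the installed dev-lang/python falls in the vulnerable range."""
    v = parse_version(installed)
    if v >= FIXED_25:
        return False
    if FIXED_24 <= v < BRANCH_25:
        return False
    return True   # covers < 2.4.4-r14, all of 2.3.x, and 2.5.0 .. 2.5.2-r5

def required_upgrade(installed: str) -> Optional[str]:
    """Atom from the Resolution section to emerge, or None if already fixed."""
    if not is_vulnerable(installed):
        return None
    components, _ = parse_version(installed)
    if components[:2] == (2, 4):
        return ">=dev-lang/python-2.4.4-r14"
    # 2.3 receives no update (see Resolution); assumption: point it at the
    # 2.5 atom, the same target as any other non-2.4 branch.
    return ">=dev-lang/python-2.5.2-r6"

if __name__ == "__main__":
    # Constructed sample of installed versions, not taken from a real host.
    for ver in ["2.3.6-r6", "2.4.4-r13", "2.4.4-r14", "2.5.2-r5", "2.5.2-r6"]:
        print(f"python-{ver}: {required_upgrade(ver) or 'not affected'}")
```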
References
==========

[ 1 ] CVE-2008-2315
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315
[ 2 ] CVE-2008-2316
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316
[ 3 ] CVE-2008-3142
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
[ 4 ] CVE-2008-3143
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3143
[ 5 ] CVE-2008-3144
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3144

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200807-16.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
