Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Bugtraq: [ MDVSA-2008:013 ] - Updated python packages fix vulnerability in imageop module

[ MDVSA-2008:013 ] - Updated python packages fix vulnerability in imageop module

From: <security_at_mandriva.com>
Date: Mon, 14 Jan 2008 16:04:52 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory MDVSA-2008:013
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : python
 Date : January 14, 2008
 Affected: 2007.0, 2007.1, 2008.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Multiple integer overflows were found in python's imageop module.
 If an application written in python used the imageop module to
 process untrusted images, it could cause the application to crash,
 enter an infinite loop, or possibly execute arbitrary code with the
 privileges of the python interpreter.
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4965
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 2aa2d395f88ba6a4d59c9768d838bbc9 2007.0/i586/libpython2.4-2.4.3-3.3mdv2007.0.i586.rpm
 42e7a809d98b494c397b02536f563e3f 2007.0/i586/libpython2.4-devel-2.4.3-3.3mdv2007.0.i586.rpm
 8047a106fcacb1a389fc62a4c0a1ffe1 2007.0/i586/python-2.4.3-3.3mdv2007.0.i586.rpm
 5fc7ec936e59f3dbaf4195e68838c260 2007.0/i586/python-base-2.4.3-3.3mdv2007.0.i586.rpm
 3f08259502861bfd057c9a675824eed1 2007.0/i586/python-docs-2.4.3-3.3mdv2007.0.i586.rpm
 295ec06fd92677faa81958b3dc15673f 2007.0/i586/tkinter-2.4.3-3.3mdv2007.0.i586.rpm
 3f4dcfcafa39b91533d2a6995d57900b 2007.0/SRPMS/python-2.4.3-3.3mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 caaa07f3f09cfcea0bd1e8973799ffef 2007.0/x86_64/lib64python2.4-2.4.3-3.3mdv2007.0.x86_64.rpm
 969e366d80532376e1eea4679b0ac0fb 2007.0/x86_64/lib64python2.4-devel-2.4.3-3.3mdv2007.0.x86_64.rpm
 df60e3b77cc2e0653781fba0d2dd0b55 2007.0/x86_64/python-2.4.3-3.3mdv2007.0.x86_64.rpm
 e23dadbd0a78fe5a3ed85d5cc1aec10b 2007.0/x86_64/python-base-2.4.3-3.3mdv2007.0.x86_64.rpm
 19b0ae3d1ab4fe68ea3ffbe43c3b0942 2007.0/x86_64/python-docs-2.4.3-3.3mdv2007.0.x86_64.rpm
 9daa7753a70117f94e478357824ee274 2007.0/x86_64/tkinter-2.4.3-3.3mdv2007.0.x86_64.rpm
 3f4dcfcafa39b91533d2a6995d57900b 2007.0/SRPMS/python-2.4.3-3.3mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 83789918b32161771fc31de1c0276abc 2007.1/i586/libpython2.5-2.5-4.2mdv2007.1.i586.rpm
 fb805a3c75630617183bddd8b1876317 2007.1/i586/libpython2.5-devel-2.5-4.2mdv2007.1.i586.rpm
 e33c7874ed3d6d567f581c5698925ec8 2007.1/i586/python-2.5-4.2mdv2007.1.i586.rpm
 0397f12fdddf81747abdee00035aa652 2007.1/i586/python-base-2.5-4.2mdv2007.1.i586.rpm
 9afc73871e8e9aac908728f2895fad17 2007.1/i586/python-docs-2.5-4.2mdv2007.1.i586.rpm
 36dbd270e4ce9d14a4cf00cb82218721 2007.1/i586/tkinter-2.5-4.2mdv2007.1.i586.rpm
 e87524f2a4ba782fb8dc1616d52a5210 2007.1/SRPMS/python-2.5-4.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 a4e9f1cac6e2f4bb101ec44993787e8a 2007.1/x86_64/lib64python2.5-2.5-4.2mdv2007.1.x86_64.rpm
 d36b5ee8b915aeb0aeacfb31c72b0d5b 2007.1/x86_64/lib64python2.5-devel-2.5-4.2mdv2007.1.x86_64.rpm
 11c9d94ace60556d0742b7df15f26e20 2007.1/x86_64/python-2.5-4.2mdv2007.1.x86_64.rpm
 5733c0d34ad9d474f09d72e081e8abb5 2007.1/x86_64/python-base-2.5-4.2mdv2007.1.x86_64.rpm
 c111909ca5e251969157d0846aaddab5 2007.1/x86_64/python-docs-2.5-4.2mdv2007.1.x86_64.rpm
 d0ebc98fb24040adada7f5a1cb0786da 2007.1/x86_64/tkinter-2.5-4.2mdv2007.1.x86_64.rpm
 e87524f2a4ba782fb8dc1616d52a5210 2007.1/SRPMS/python-2.5-4.2mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 402de17d03c279d7473dc00bfb30fa29 2008.0/i586/libpython2.5-2.5.1-5.1mdv2008.0.i586.rpm
 460006b33d6d8d221119e757d0e53997 2008.0/i586/libpython2.5-devel-2.5.1-5.1mdv2008.0.i586.rpm
 006d53e8c4c5344f3333a5e88a8e5353 2008.0/i586/python-2.5.1-5.1mdv2008.0.i586.rpm
 6f688cfe64f97febd7b4b1fde1444a4e 2008.0/i586/python-base-2.5.1-5.1mdv2008.0.i586.rpm
 2cfbc489e172026680449de3549e4451 2008.0/i586/python-docs-2.5.1-5.1mdv2008.0.i586.rpm
 55dbf574855f61c4cddcf24d86004fef 2008.0/i586/tkinter-2.5.1-5.1mdv2008.0.i586.rpm
 b0a635daa3bd47a95ea97fa1e28869e4 2008.0/i586/tkinter-apps-2.5.1-5.1mdv2008.0.i586.rpm
 aa344e978d53a329b717cae3ffaa6a38 2008.0/SRPMS/python-2.5.1-5.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 c759088550b15fe216d9d42d4f205ae3 2008.0/x86_64/lib64python2.5-2.5.1-5.1mdv2008.0.x86_64.rpm
 c98822c30fff7d1b28f77db91c20e094 2008.0/x86_64/lib64python2.5-devel-2.5.1-5.1mdv2008.0.x86_64.rpm
 786551ac171968deba675aac73bd25f9 2008.0/x86_64/python-2.5.1-5.1mdv2008.0.x86_64.rpm
 ded534c04a11298591276b573cd84fac 2008.0/x86_64/python-base-2.5.1-5.1mdv2008.0.x86_64.rpm
 7cdc40b041fab7c0462e7d01accd72e2 2008.0/x86_64/python-docs-2.5.1-5.1mdv2008.0.x86_64.rpm
 70ce8cebd5a034e45da35152feb07c4d 2008.0/x86_64/tkinter-2.5.1-5.1mdv2008.0.x86_64.rpm
 6bc778f57d71c0206a265e817644395a 2008.0/x86_64/tkinter-apps-2.5.1-5.1mdv2008.0.x86_64.rpm
 aa344e978d53a329b717cae3ffaa6a38 2008.0/SRPMS/python-2.5.1-5.1mdv2008.0.src.rpm

 Corporate 4.0:
 38717e896327570dbbe5bf52099b45a4 corporate/4.0/i586/libpython2.4-2.4.1-5.3.20060mlcs4.i586.rpm
 4584b1a54de62e416aa088d0f5c58aaf corporate/4.0/i586/libpython2.4-devel-2.4.1-5.3.20060mlcs4.i586.rpm
 c17ae6ab96b00477d4d43f9503dd5586 corporate/4.0/i586/python-2.4.1-5.3.20060mlcs4.i586.rpm
 f6e5380393fbaab901856846f45cb872 corporate/4.0/i586/python-base-2.4.1-5.3.20060mlcs4.i586.rpm
 2e153a8f3d28c7bcdf203429601dd5a3 corporate/4.0/i586/python-docs-2.4.1-5.3.20060mlcs4.i586.rpm
 c09dbfa148bc49ff700c534e60456249 corporate/4.0/i586/tkinter-2.4.1-5.3.20060mlcs4.i586.rpm
 ed33c06ab7a6c1235121330dfc7c14ea corporate/4.0/SRPMS/python-2.4.1-5.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 dc60e48b88c515fd370bef76434df88e corporate/4.0/x86_64/lib64python2.4-2.4.1-5.3.20060mlcs4.x86_64.rpm
 cd4810341e9e49cc2e607a4ae067fd78 corporate/4.0/x86_64/lib64python2.4-devel-2.4.1-5.3.20060mlcs4.x86_64.rpm
 d71bbb307d68599831ff0c30d0968cc3 corporate/4.0/x86_64/python-2.4.1-5.3.20060mlcs4.x86_64.rpm
 945f1355d6a357b0666512f1fd485f61 corporate/4.0/x86_64/python-base-2.4.1-5.3.20060mlcs4.x86_64.rpm
 f905de87ed4a5d0dd0239d8896d39243 corporate/4.0/x86_64/python-docs-2.4.1-5.3.20060mlcs4.x86_64.rpm
 cca9d202eb85b96a1c61c396e125637d corporate/4.0/x86_64/tkinter-2.4.1-5.3.20060mlcs4.x86_64.rpm
 ed33c06ab7a6c1235121330dfc7c14ea corporate/4.0/SRPMS/python-2.4.1-5.3.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi. The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security. You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID Date User ID
 pub 1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFHi79pmqjQ0CJFipgRAr21AKDvgsQaALmLRxyo52cXu0HQRFOY6gCfSZoU
0Phgk04W2rDdd6KGUy/BtDI=
=2oLn
-----END PGP SIGNATURE-----
Received on Jan 15 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]