Mandrake security alert: Updated python packages fix buffer overflow vulnerability

Posted by dave on Mar 10, 2004 3:29 AM EDT
Mailing list
Mail this story
Print this story

A buffer overflow in python 2.2's getaddrinfo() function was discovered by Sebastian Schmidt.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

_______________________________________________________________________

Mandrakelinux Security Update Advisory _______________________________________________________________________

Package name: python Advisory ID: MDKSA-2004:019 Date: March 9th, 2004

Affected versions: 9.0, Corporate Server 2.1 ______________________________________________________________________

Problem Description:

A buffer overflow in python 2.2's getaddrinfo() function was discovered by Sebastian Schmidt. If python 2.2 is built without IPv6 support, an attacker could configure their name server to let a hostname resolve to a special IPv6 address, which could contain a memory address where shellcode is placed. This problem does not affect python versions prior to 2.2 or versions 2.2.2+, and it also doesn't exist if IPv6 support is enabled. The updated packages have been patched to correct the problem. Thanks to Sebastian for both the discovery and patch. _______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150 ______________________________________________________________________

Updated Packages: Corporate Server 2.1: 879da513052f8a7f22f46b32c8edd064 corporate/2.1/RPMS/libpython2.2-2.2.1-14.4.C21mdk.i586.rpm 41aabf6642342583667e7f7614b2b1af corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.4.C21mdk.i586.rpm 79afd48bc89cf1dd3580f9b9d210ab08 corporate/2.1/RPMS/python-2.2.1-14.4.C21mdk.i586.rpm 0e6280b152a9f65677da9ce35bbfc987 corporate/2.1/RPMS/python-base-2.2.1-14.4.C21mdk.i586.rpm 9e0eaadd3d9e3a15b95acb17fbde064d corporate/2.1/RPMS/python-docs-2.2.1-14.4.C21mdk.i586.rpm f241bc6291f1d5a46e95a2e5fa7e7791 corporate/2.1/RPMS/tkinter-2.2.1-14.4.C21mdk.i586.rpm 84625a172626fe08ff13bce7b2030641 corporate/2.1/SRPMS/python-2.2.1-14.4.C21mdk.src.rpm

Corporate Server 2.1/x86_64: 5b523008885552a89c17197f1091c850 x86_64/corporate/2.1/RPMS/libpython2.2-2.2.1-14.4.C21mdk.x86_64.rpm 44befc507f68059d14f46c758ed57380 x86_64/corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.4.C21mdk.x86_64.rpm 0dfefaf01bb9ac8a5cecc444900be1b2 x86_64/corporate/2.1/RPMS/python-2.2.1-14.4.C21mdk.x86_64.rpm cd79821fb454279049337f3bd0885479 x86_64/corporate/2.1/RPMS/python-base-2.2.1-14.4.C21mdk.x86_64.rpm 955bd9c56f666e19e146feb9da0087b7 x86_64/corporate/2.1/RPMS/python-docs-2.2.1-14.4.C21mdk.x86_64.rpm 651c007f402400e18c51ac97ae3da84e x86_64/corporate/2.1/RPMS/tkinter-2.2.1-14.4.C21mdk.x86_64.rpm 84625a172626fe08ff13bce7b2030641 x86_64/corporate/2.1/SRPMS/python-2.2.1-14.4.C21mdk.src.rpm

Mandrakelinux 9.0: 9e8ecf81acdf6e00066b020bead51c4a 9.0/RPMS/libpython2.2-2.2.1-14.4.90mdk.i586.rpm 990622b91606efd81f8fe2b40c8576f3 9.0/RPMS/libpython2.2-devel-2.2.1-14.4.90mdk.i586.rpm b91abc21fad8020cbee047ad1bbf0da8 9.0/RPMS/python-2.2.1-14.4.90mdk.i586.rpm a08fb0bad8dafca71f0e08a343c95412 9.0/RPMS/python-base-2.2.1-14.4.90mdk.i586.rpm 3d2be84aab4e0fab2cb86c9e6bacc25f 9.0/RPMS/python-docs-2.2.1-14.4.90mdk.i586.rpm a765ef4de6610a6ea880dc17aeab7636 9.0/RPMS/tkinter-2.2.1-14.4.90mdk.i586.rpm 1ad8d764521ada5597da5f5083dfd1f6 9.0/SRPMS/python-2.2.1-14.4.90mdk.src.rpm _______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver http://www.mandrakesecure.net 0x22458A98

Please be aware that sometimes it takes the mirrors a few hours to update.

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesecure.net/en/advisories/

Mandrakesoft has several security-related mailing list services that anyone can subscribe to. Information on these lists can be obtained by visiting:

http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFATqJ/mqjQ0CJFipgRAtEtAJkB8w2/Qf1eXYE/eGMBh55sKX/MpwCeI+No P3uOOAxXMBCVPT+J3QDN41E= =8F0Z -----END PGP SIGNATURE-----

  Nav
» Read more about: Story Type: Security; Groups: Mandriva

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.