Mandriva Update For Python MDVSA-2008:085 (python) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. The updated packages have been patched to prevent this issue.

Affected

python on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVE CVE-2008-1721
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:098 (krb5)
Mandrake Security Advisory MDVSA-2009:111 (firefox)
Mandrake Security Advisory MDVSA-2009:134 (firefox)
Mandrake Security Advisory MDVSA-2009:162 (java-1.6.0-openjdk)
Mandrake Security Advisory MDVSA-2009:050-1 (python-pycrypto)

Mandriva Update for python MDVSA-2008:085 (python)

Take action and discover your vulnerabilities