MDKSA-2004:019 : Updated python packages fix buffer overflow vulnerability
Posted on: 03/10/2004 04:11 AM

Mandrakelinux Security Update Advisory
_______________________________________________________________________

Package name: python
Advisory ID: MDKSA-2004:019
Date: March 9th, 2004

Affected versions: 9.0, Corporate Server 2.1
______________________________________________________________________

Problem Description:

A buffer overflow in python 2.2's getaddrinfo() function was discovered by Sebastian Schmidt. If python 2.2 is built without IPv6 support, an attacker could configure their name server to let a hostname resolve to a special IPv6 address, which could contain a memory address where shellcode is placed. This problem does not affect python versions prior to 2.2 or versions 2.2.2+, and it also doesn't exist if IPv6 support is enabled.

The updated packages have been patched to correct the problem. Thanks to Sebastian for both the discovery and patch.

_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0150
______________________________________________________________________

Updated Packages:

Corporate Server 2.1:
879da513052f8a7f22f46b32c8edd064 corporate/2.1/RPMS/libpython2.2-2.2.1-14.4.C21mdk.i586.rpm
41aabf6642342583667e7f7614b2b1af corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.4.C21mdk.i586.rpm
79afd48bc89cf1dd3580f9b9d210ab08 corporate/2.1/RPMS/python-2.2.1-14.4.C21mdk.i586.rpm
0e6280b152a9f65677da9ce35bbfc987 corporate/2.1/RPMS/python-base-2.2.1-14.4.C21mdk.i586.rpm
9e0eaadd3d9e3a15b95acb17fbde064d corporate/2.1/RPMS/python-docs-2.2.1-14.4.C21mdk.i586.rpm
f241bc6291f1d5a46e95a2e5fa7e7791 corporate/2.1/RPMS/tkinter-2.2.1-14.4.C21mdk.i586.rpm
84625a172626fe08ff13bce7b2030641 corporate/2.1/SRPMS/python-2.2.1-14.4.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
5b523008885552a89c17197f1091c850 x86_64/corporate/2.1/RPMS/libpython2.2-2.2.1-14.4.C21mdk.x86_64.rpm
44befc507f68059d14f46c758ed57380 x86_64/corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.4.C21mdk.x86_64.rpm
0dfefaf01bb9ac8a5cecc444900be1b2 x86_64/corporate/2.1/RPMS/python-2.2.1-14.4.C21mdk.x86_64.rpm
cd79821fb454279049337f3bd0885479 x86_64/corporate/2.1/RPMS/python-base-2.2.1-14.4.C21mdk.x86_64.rpm
955bd9c56f666e19e146feb9da0087b7 x86_64/corporate/2.1/RPMS/python-docs-2.2.1-14.4.C21mdk.x86_64.rpm
651c007f402400e18c51ac97ae3da84e x86_64/corporate/2.1/RPMS/tkinter-2.2.1-14.4.C21mdk.x86_64.rpm
84625a172626fe08ff13bce7b2030641 x86_64/corporate/2.1/SRPMS/python-2.2.1-14.4.C21mdk.src.rpm

Mandrakelinux 9.0:
9e8ecf81acdf6e00066b020bead51c4a 9.0/RPMS/libpython2.2-2.2.1-14.4.90mdk.i586.rpm
990622b91606efd81f8fe2b40c8576f3 9.0/RPMS/libpython2.2-devel-2.2.1-14.4.90mdk.i586.rpm
b91abc21fad8020cbee047ad1bbf0da8 9.0/RPMS/python-2.2.1-14.4.90mdk.i586.rpm
a08fb0bad8dafca71f0e08a343c95412 9.0/RPMS/python-base-2.2.1-14.4.90mdk.i586.rpm
3d2be84aab4e0fab2cb86c9e6bacc25f 9.0/RPMS/python-docs-2.2.1-14.4.90mdk.i586.rpm
a765ef4de6610a6ea880dc17aeab7636 9.0/RPMS/tkinter-2.2.1-14.4.90mdk.i586.rpm
1ad8d764521ada5597da5f5083dfd1f6 9.0/SRPMS/python-2.2.1-14.4.90mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

Please be aware that sometimes it takes the mirrors a few hours to update.

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesecure.net/en/advisories/


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/mdksa_2004019_updated_python_packages_fix_buffer_overflow_vulnerability.html)