455013 – (CVE-2008-3143) CVE-2008-3143 python: Multiple integer overflows discovered by Google

Bug 455013 (CVE-2008-3143) - CVE-2008-3143 python: Multiple integer overflows discovered by Google

Summary: CVE-2008-3143 python: Multiple integer overflows discovered by Google

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2008-3143
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	486106 486114 486329 486330 486351 486352 537915
Blocks:
TreeView+	depends on / blocked

Reported:	2008-07-11 13:45 UTC by Jan Lieskovsky
Modified:	2019-09-29 12:25 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	540523 (view as bug list)
Environment:
Last Closed:	2015-08-22 07:03:42 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2009:1176	normal	SHIPPED_LIVE	Moderate: python security update	2009-07-27 09:22:50 UTC
Red Hat Product Errata	RHSA-2009:1177	normal	SHIPPED_LIVE	Moderate: python security update	2009-07-27 09:35:19 UTC
Red Hat Product Errata	RHSA-2009:1178	normal	SHIPPED_LIVE	Moderate: python security update	2009-07-27 09:36:40 UTC

Description Jan Lieskovsky 2008-07-11 13:45:13 UTC

Description of problem:

Added checks for integer overflows, contributed by Google. Some are
only available if asserts are left in the code, in cases where they
can't be triggered from Python code.

Proposed upstream patch:

http://svn.python.org/view?rev=60793&view=rev

Comment 2 Jan Lieskovsky 2008-10-30 14:44:47 UTC

The Red Hat Security Response Team has rated this issue as having low security
impact, a future update may address this flaw.  More information regarding
issue severity can be found here:
http://www.redhat.com/security/updates/classification/

Comment 10 errata-xmlrpc 2009-07-27 09:23:12 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2009:1176 https://rhn.redhat.com/errata/RHSA-2009-1176.html

Comment 11 errata-xmlrpc 2009-07-27 09:35:37 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 4

Via RHSA-2009:1177 https://rhn.redhat.com/errata/RHSA-2009-1177.html

Comment 12 errata-xmlrpc 2009-07-27 09:37:31 UTC

This issue has been addressed in following products:

  Red Hat Enterprise Linux 3

Via RHSA-2009:1178 https://rhn.redhat.com/errata/RHSA-2009-1178.html

Note You need to log in before you can comment on or make changes to this bug.