Common Vulnerabilities and Exposures assigned an identifier CVE-2008-4864 to the following vulnerability: Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679. References: http://scary.beasts.org/security/CESA-2008-008.html http://svn.python.org/view?rev=66689&view=rev http://www.securityfocus.com/bid/31976 http://www.openwall.com/lists/oss-security/2008/10/27/2 http://www.openwall.com/lists/oss-security/2008/10/29/3
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
Reproducer: import imageop s = '' imageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) from http://scary.beasts.org/security/CESA-2008-008.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:1176 https://rhn.redhat.com/errata/RHSA-2009-1176.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2009:1177 https://rhn.redhat.com/errata/RHSA-2009-1177.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1178 https://rhn.redhat.com/errata/RHSA-2009-1178.html
Has this been addressed everywhere? The only python 2.5 we actively ship in Fedora is 2.5.2 in the F-10 branch, which looks to have addressed this CVE.