Common Vulnerabilities and Exposures assigned an identifier CVE-2008-5031 to the following vulnerability: Multiple integer overflows in Python 2.5.2 allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031 http://www.openwall.com/lists/oss-security/2008/11/05/2 http://www.openwall.com/lists/oss-security/2008/11/05/3 http://scary.beasts.org/security/CESA-2008-008.html http://svn.python.org/view/python/trunk/Objects/unicodeobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/unicodeobject.c&p2=/python/trunk/Objects/unicodeobject.c http://svn.python.org/view/python/trunk/Objects/stringobject.c?rev=61350&view=diff&r1=61350&r2=61349&p1=python/trunk/Objects/stringobject.c&p2=/python/trunk/Objects/stringobject.c Patch against trunk: http://svn.python.org/view?rev=61350&view=rev Patch against release25-maint: http://svn.python.org/view?rev=61349&view=rev Reproducer: http://scary.beasts.org/security/CESA-2008-008.html (part "Integer overflow in string expandtabs operation")
Other reproducers demonstrating this flaw: * string poc: s = 'AA\t\n\tAAAAAAAA' len(s.expandtabs(0x7ffffffe)) * unicode poc: s = u'AA\t\n\tAAAAAAAA' len(s.expandtabs(0x7ffffffe))
Affected python versions: 2.2.3 <= x <= 2.5.2 This issue affects all versions of the python package, as shipped with Red Hat Enterprise Linux 3, 4 and 5. This issue affects all versions of the python package, as shipped with Fedora releases of 8, 9 and 10.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2009:1176 https://rhn.redhat.com/errata/RHSA-2009-1176.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2009:1177 https://rhn.redhat.com/errata/RHSA-2009-1177.html
This issue has been addressed in following products: Red Hat Enterprise Linux 3 Via RHSA-2009:1178 https://rhn.redhat.com/errata/RHSA-2009-1178.html
To address this issue in the F-10 branch, should I be updating to 2.5.4 which has addressed this CVE?
Statement: (none)