Bug 12127 - python new readline() DoS security issues (was CVE-2013-1752)
: python new readline() DoS security issues (was CVE-2013-1752)
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
: Cauldron
: i586 Linux
: Normal Severity: normal
: ---
Assigned To: Philippe Makowski
: Sec team
: http://lwn.net/Vulnerabilities/590908/
: MGA3TOO
:
: 12772 13041
:
  Show dependency treegraph
 
Reported: 2013-12-27 18:27 CET by David Walser
Modified: 2014-03-24 12:29 CET (History)
0 users

See Also:
Source RPM: python-2.7.5-11.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2013-12-27 18:27:21 CET
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1046174
http://openwall.com/lists/oss-security/2013/12/23/10

Because these issues have been fixed or will be fixed in multiple different versions of python, CVE-2013-1752 has been rejected and new CVEs will be assigned.  Some of the issues are fixed in python 2.7.6, some will be in a later release.

Reproducible: 

Steps to Reproduce:
Comment 1 Philippe Makowski 2014-02-08 11:05:45 CET
Since today no other distro updated Python 2.7.5 to 2.7.6 and since the situation is not clear yet and that not all issues are fixed in 2.7.6, I will wait, unless someone have a better idea.
By the way, fwang updated Python to 2.7.6 in Cauldron
Comment 2 David Walser 2014-03-24 12:29:20 CET
All better now :o)

Note You need to log in before you can comment on or make changes to this bug.