Bug 12127 - python new readline() DoS security issues (was CVE-2013-1752)
Summary: python new readline() DoS security issues (was CVE-2013-1752)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: i586 Linux
: Normal normal
Target Milestone: ---
Assignee: Philippe Makowski
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/590908/
Whiteboard: MGA3TOO
Keywords:
Depends on: 12772 13041
Blocks:
  Show dependency treegraph
 
Reported: 2013-12-27 18:27 CET by David Walser
Modified: 2014-03-24 12:29 CET (History)
0 users

See Also:
Source RPM: python-2.7.5-11.mga4.src.rpm
CVE:
Status comment:


Attachments

Description David Walser 2013-12-27 18:27:21 CET
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1046174
http://openwall.com/lists/oss-security/2013/12/23/10

Because these issues have been fixed or will be fixed in multiple different versions of python, CVE-2013-1752 has been rejected and new CVEs will be assigned.  Some of the issues are fixed in python 2.7.6, some will be in a later release.

Reproducible: 

Steps to Reproduce:
Comment 1 Philippe Makowski 2014-02-08 11:05:45 CET
Since today no other distro updated Python 2.7.5 to 2.7.6 and since the situation is not clear yet and that not all issues are fixed in 2.7.6, I will wait, unless someone have a better idea.
By the way, fwang updated Python to 2.7.6 in Cauldron
Comment 2 David Walser 2014-03-24 12:29:20 CET
All better now :o)

Note You need to log in before you can comment on or make changes to this bug.