CVE-2008-5031

Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
python2.4	9.04 jaunty	Not affected
	8.10 intrepid	Fixed 2.4.5-5ubuntu1.1
	8.04 LTS hardy	Fixed 2.4.5-1ubuntu4.2
	6.06 LTS dapper	Fixed 2.4.3-0ubuntu6.3
python2.5	9.04 jaunty	Not affected
	8.10 intrepid	Not affected
	8.04 LTS hardy	Not affected
	7.10 gutsy	Ignored end of life, was needed
	6.06 LTS dapper	Not in release

Notes

mdeslaur

PoC: http://scary.beasts.org/security/CESA-2008-008.html

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
python2.4	Upstream: http://svn.python.org/view?view=rev&revision=67726
python2.5	Upstream: http://svn.python.org/view?view=rev&revision=61349 Upstream: http://svn.python.org/view?view=rev&revision=61350

References

Related Ubuntu Security Notices (USN)

USN-806-1
Python vulnerabilities
23 July 2009

Status

Notes

Patch details

References

Related Ubuntu Security Notices (USN)

Other references