Your submission was sent successfully! Close

CVE-2008-1721

Published: 10 April 2008

Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

Priority

Medium

Status

Package Release Status
python2.4
Launchpad, Ubuntu, Debian
dapper
Released (2.4.3-0ubuntu6.2)
edgy Ignored
(end-of-life)
feisty
Released (2.4.4-2ubuntu7.2)
gutsy
Released (2.4.4-6ubuntu4.2)
hardy Not vulnerable

upstream Needs triage

Patches:
vendor: http://www.debian.org/security/2008/dsa-1551
python2.5
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Ignored
(end-of-life)
feisty
Released (2.5.1-0ubuntu1.2)
gutsy
Released (2.5.1-5ubuntu5.2)
hardy Not vulnerable

upstream Needs triage