CVE-2008-2316
Published: 1 August 2008
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
Priority
Status
Package | Release | Status |
---|---|---|
python2.4 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(code not present)
|
feisty |
Not vulnerable
(code not present)
|
|
gutsy |
Not vulnerable
(code not present)
|
|
hardy |
Not vulnerable
(code not present)
|
|
upstream |
Not vulnerable
(code not present)
|
|
python2.5 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
feisty |
Released
(2.5.1-0ubuntu1.2)
|
|
gutsy |
Released
(2.5.1-5ubuntu5.2)
|
|
hardy |
Released
(2.5.2-2ubuntu4.1)
|
|
upstream |
Pending
|