Your submission was sent successfully! Close

CVE-2008-2316

Published: 1 August 2008

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

Priority

Medium

Status

Package Release Status
python2.4
Launchpad, Ubuntu, Debian
dapper Not vulnerable
(code not present)
feisty Not vulnerable
(code not present)
gutsy Not vulnerable
(code not present)
hardy Not vulnerable
(code not present)
upstream Not vulnerable
(code not present)
python2.5
Launchpad, Ubuntu, Debian
dapper Does not exist

feisty
Released (2.5.1-0ubuntu1.2)
gutsy
Released (2.5.1-5ubuntu5.2)
hardy
Released (2.5.2-2ubuntu4.1)
upstream Pending