Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2014-1912

Published: 21 February 2014

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.

Priority

Medium

Status

Package Release Status
python2.6
Launchpad, Ubuntu, Debian
lucid
Released (2.6.5-1ubuntu6.3)
precise Does not exist

quantal Does not exist

saucy Does not exist

upstream Ignored
(reached end-of-life)
python2.7
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (2.7.3-0ubuntu3.5)
quantal
Released (2.7.3-5ubuntu4.4)
saucy
Released (2.7.5-8ubuntu3.1)
upstream Ignored
(reached end-of-life)
Patches:
upstream: http://hg.python.org/cpython/rev/87673659d8f7



python3.1
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise Does not exist

quantal Does not exist

saucy Does not exist

upstream Needed

Patches:

upstream: http://hg.python.org/cpython/rev/715fd3d8ac93


python3.2
Launchpad, Ubuntu, Debian
lucid Does not exist

precise
Released (3.2.3-0ubuntu3.6)
quantal
Released (3.2.3-6ubuntu3.5)
saucy Does not exist

upstream Needed

Patches:


upstream: http://hg.python.org/cpython/rev/9c56217e5c79

python3.3
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal
Released (3.3.0-1ubuntu0.2)
saucy
Released (3.3.2-7ubuntu3.1)
upstream Needed

Patches:



upstream: http://hg.python.org/cpython/rev/7f176a45211f
python3.4
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal Does not exist

saucy Does not exist

upstream Needed