CVE-2014-1912
Published: 21 February 2014
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string.
Priority
Status
Package | Release | Status |
---|---|---|
python2.7 Launchpad, Ubuntu, Debian |
upstream |
Ignored
(end of life)
|
lucid |
Does not exist
|
|
precise |
Released
(2.7.3-0ubuntu3.5)
|
|
quantal |
Released
(2.7.3-5ubuntu4.4)
|
|
saucy |
Released
(2.7.5-8ubuntu3.1)
|
|
Patches: upstream: http://hg.python.org/cpython/rev/87673659d8f7 |
||
python2.6 Launchpad, Ubuntu, Debian |
upstream |
Ignored
(end of life)
|
lucid |
Released
(2.6.5-1ubuntu6.3)
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
python3.1 Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needed
|
|
Patches: upstream: http://hg.python.org/cpython/rev/715fd3d8ac93 |
||
python3.2 Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Released
(3.2.3-0ubuntu3.6)
|
|
quantal |
Released
(3.2.3-6ubuntu3.5)
|
|
saucy |
Does not exist
|
|
upstream |
Needed
|
|
Patches: upstream: http://hg.python.org/cpython/rev/9c56217e5c79 |
||
python3.3 Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Released
(3.3.0-1ubuntu0.2)
|
|
saucy |
Released
(3.3.2-7ubuntu3.1)
|
|
upstream |
Needed
|
|
Patches: upstream: http://hg.python.org/cpython/rev/7f176a45211f |
||
python3.4 Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
saucy |
Does not exist
|
|
upstream |
Needed
|