Guy Hulbert said the following on 8/15/2008 11:36 AM: > This is an old problem. > http://www.python.org/files/news/security/PSF-2006-001/PSF-2006-001.txt
I must respectfully disagree. Did you read the bulletin I referenced? CVE-2008-2315, for one, was published in late July 2008. It states in part:
"Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules."
This is *not* an old problem. -- David E. Sallis, Software Architect General Dynamics Information Technology NOAA Coastal Data Development Center Stennis Space Center, Mississippi 228.688.3805 [EMAIL PROTECTED] [EMAIL PROTECTED] -------------------------------------------- "Better Living Through Software Engineering" -------------------------------------------- _______________________________________________ Stackless mailing list [email protected] http://www.stackless.com/mailman/listinfo/stackless
