To comment on the following update, log in, then open the issue: http://www.openoffice.org/issues/show_bug.cgi?id=101106 Issue #|101106 Summary|Python 2.3.4 ancient and security-buggy in various way |s Component|utilities Version|OOO310m9 Platform|Other URL| OS/Version|All Status|NEW Status whiteboard| Keywords| Resolution| Issue type|DEFECT Priority|P2 Subcomponent|code Assigned to|jbu Reported by|rene
------- Additional comments from [email protected] Wed Apr 15 12:07:36 +0000 2009 ------- Just looked over Debians changelog since Python 2.3.4: 14:03 <@_rene_> paveljanik: since python 2.3.4: CAN-2005-0089, CVE-2006-4980, * Fix some unsafe 64-bit mmap methods, backport from 2.5. Closes: #340661. 14:03 <@IZBot> no issue with number 340661 14:04 <@_rene_> paveljanik: CVE-2007-4965, http://bugs.python.org/issue1179: Multiple integer overflows in the imageop module in Python 2.5.1 and 14:04 <@_rene_> * Fix CVE-2008-1679, integer overflows in the imageop module. 14:04 <@_rene_> * Fix CVE-2008-1721, integer signedness error in the zlib extension module. 14:04 <@_rene_> * Fix CVE-2008-1887, issue2587, PyString_FromStringAndSize() to be 14:04 <@_rene_> considered unsafe. 14:04 <@_rene_> * CVE-2008-3143 was fixed in 2.4.5-1. 14:04 <@_rene_> * Fix issues #2588, #2589, CVE-2008-3144, fix potential integer underflow 14:04 <@_rene_> and overflow conditions in the PyOS_vsnprintf C API function. 14:04 <@_rene_> * Fix CVE-2008-2315, more overflow checking in extension modules. 14:04 <@IZBot> Word processor DEFECT CLOSED DUPLICATE P3 opening a dos format text document requires user to select ASCII filter type http://qa.openoffice.org/issues/show_bug.cgi?id=2589 14:04 <@_rene_> * Fix CVE-2008-4864, imageop did not validate arguments correctly 14:04 <@_rene_> and could segfault as a result. Closes: #504620. 14:04 <@IZBot> no issue with number 504620 14:04 <@_rene_> - Prevent expandtabs() on string and unicode objects from causing a 14:04 <@_rene_> segfault when a large width is passed on 32-bit platforms. 14:04 <@_rene_> CVE-2008-5031. Closes: #507317. --------------------------------------------------------------------- Please do not reply to this automatically generated notification from Issue Tracker. Please log onto the website and enter your comments. http://qa.openoffice.org/issue_handling/project_issues.html#notification --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
