Source: py-lmdb
Version: 1.4.1-3
Severity: important
Tags: security upstream
Forwarded: https://github.com/jnwatson/py-lmdb/issues/210
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: found -1 1.4.0-1
Control: found -1 1.0.0-1

Hi,

The following vulnerabilities were published for py-lmdb.

CVE-2019-16224[0]:
| An issue was discovered in py-lmdb 0.97. For certain values of
| md_flags, mdb_node_add does not properly set up a memcpy
| destination, leading to an invalid write operation. NOTE: this
| outcome occurs when accessing a data.mdb file supplied by an
| attacker.

CVE-2019-16225[1]:
| An issue was discovered in py-lmdb 0.97. For certain values of
| mp_flags, mdb_page_touch does not properly set up
| mc->mc_pg[mc->top], leading to an invalid write operation. NOTE:
| this outcome occurs when accessing a data.mdb file supplied by an
| attacker.

CVE-2019-16226[2]:
| An issue was discovered in py-lmdb 0.97. mdb_node_del does not
| validate a memmove in the case of an unexpected node->mn_hi, leading
| to an invalid write operation. NOTE: this outcome occurs when
| accessing a data.mdb file supplied by an attacker.

CVE-2019-16227[3]:
| An issue was discovered in py-lmdb 0.97. For certain values of
| mn_flags, mdb_cursor_set triggers a memcpy with an invalid write
| operation within mdb_xcursor_init1. NOTE: this outcome occurs when
| accessing a data.mdb file supplied by an attacker.

CVE-2019-16228[4]:
| An issue was discovered in py-lmdb 0.97. There is a divide-by-zero
| error in the function mdb_env_open2 if mdb_env_read_header obtains a
| zero value for a certain size field. NOTE: this outcome occurs when
| accessing a data.mdb file supplied by an attacker.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-16224
    https://www.cve.org/CVERecord?id=CVE-2019-16224
[1] https://security-tracker.debian.org/tracker/CVE-2019-16225
    https://www.cve.org/CVERecord?id=CVE-2019-16225
[2] https://security-tracker.debian.org/tracker/CVE-2019-16226
    https://www.cve.org/CVERecord?id=CVE-2019-16226
[3] https://security-tracker.debian.org/tracker/CVE-2019-16227
    https://www.cve.org/CVERecord?id=CVE-2019-16227
[4] https://security-tracker.debian.org/tracker/CVE-2019-16228
    https://www.cve.org/CVERecord?id=CVE-2019-16228
[5] https://github.com/jnwatson/py-lmdb/issues/210
[6] https://github.com/jnwatson/py-lmdb/pull/429

Regards,
Salvatore

