Hi,
On Wed, 06.08.2008 at 13:27:31 +1000, Damien Miller [EMAIL PROTECTED] wrote:
On Tue, 5 Aug 2008, Damien Miller wrote:
Applied (though only exploitable on amd64) - new diff attached.
Ok, this has been committed - thanks to everyone who tested and
especially Toni Mueller and Valery
On Tue, 5 Aug 2008, Damien Miller wrote:
Applied (though only exploitable on amd64) - new diff attached.
Ok, this has been committed - thanks to everyone who tested and
especially Toni Mueller and Valery Masiutsin for their great help in
extracting the patches from Python's inscrutable release
Ok, here is a patch for lang/python/2.5.
It tests OK (passes regress) on i386, and I'm yet to do sparc64 and zaurus.
Tests on other platforms and testing with your favourite apps is welcome.
-d
Index: Makefile
===
RCS file:
Hi,
On Tue, 05.08.2008 at 18:36:34 +1000, Damien Miller [EMAIL PROTECTED] wrote:
Ok, here is a patch for lang/python/2.5.
thank you very much for the effort. Unfortunately, there's some more
stuff which should probably make it (code execution problems included).
I found these just today,
* [EMAIL PROTECTED] wrote:
I am no Python user myself but because some people here realy care for it
and because I read about this today I wanted to mention that there are
more issues to fix propably.
Gentoo reports about multiple integer/buffer overflows.
On Mon, 4 Aug 2008, Toni Mueller wrote:
Hi,
On Tue, 29.07.2008 at 21:32:18 -0600, Theo de Raadt
[EMAIL PROTECTED] wrote:
Perhaps whoever the maintainer is will merge this in time.
I hope so. Unfortunately, I feel unable to do this myself, but I also
wanted to avoid this getting lost,
On 2008/08/04 21:50, Damien Miller wrote:
Want to help? Then you can cherrypick the patches from the python 2.5
branch that close the vulnerabilities and post them to the list (as links
to the svn changesets in the python webcvs/viewvc) matched against CVE
numbers.
stringobject and zlib
Hello.
What about issues in #2588, #2599, #2620 ?
As far as i see from reading svn log of release25-maint, there are
also so called
apple security fixes and commit related to openbsd fcntl handling.
I've cherrypicked those patches, built python, it passes make regress,
and works fine for me,
is
On 2008/08/04 16:32, Valery Masiutsin wrote:
Hello.
What about issues in #2588, #2599, #2620 ?
Oh... Are python users supposed to tramp through the tickets just
to identify the security problems?
It would be nice if there was somewhere official to find these.
Like
On Mon, Aug 4, 2008 at 12:41 PM, Valery Masiutsin [EMAIL PROTECTED] wrote:
On 2008/08/04 16:32, Valery Masiutsin wrote:
Hello.
What about issues in #2588, #2599, #2620 ?
Oh... Are python users supposed to tramp through the tickets just
to identify the security problems?
It would be
10 matches
Mail list logo