New submission from Jan Lieskovsky ian...@seznam.cz:
Hello guys,
i am experiencing segmentation fault, when trying to set the
error indicator via the PyErr_SetString() method called from C source.
This occurs for all Python exceptions, as documented in:
http://docs.python.org/c-api
Changes by Jan Lieskovsky ian...@seznam.cz:
Added file: http://bugs.python.org/file14429/core.31283.bz2
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue6402
Changes by Jan Lieskovsky ian...@seznam.cz:
--
nosy: +benjamin.peterson, gregory.p.smith, pitrou, psss
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue6402
Jan Lieskovsky ian...@seznam.cz added the comment:
Hello guys,
what's the current state of this issue? The proposed patch hasn't
still been projected into upstream Python code, so wondering:
1, when and if it will be?
2, if you have found another solution / patch?
Thanks Regards, Jan
Jan Lieskovsky ian...@seznam.cz added the comment:
Link to older Python tracker issue discussing the same problem and
closed with won't fix:
http://bugs.python.org/issue946373
Strange enough, but implied from reading above issue, just an
idea (don't shoot :)). Wouldn't it be possible
New submission from Jan Lieskovsky ian...@seznam.cz:
A denial of service flaw was found in the way Simple XML-RPC Server module of
Python processed client connections, that were closed prior the complete
request body has been received. A remote attacker could use this flaw to cause
Python
Jan Lieskovsky ian...@seznam.cz added the comment:
CVE request:
[2] http://www.openwall.com/lists/oss-security/2012/02/13/3
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue14001
Jan Lieskovsky ian...@seznam.cz added the comment:
The CVE identifier of CVE-2012-0845 has been assigned to this issue:
[3] http://www.openwall.com/lists/oss-security/2012/02/13/4
--
title: Python v2.7.2 / v3.2.2 (SimpleXMLRPCServer): DoS (excessive CPU usage)
by processing malformed
Jan Lieskovsky added the comment:
The CVE identifier of CVE-2013-2099 has been assigned:
http://www.openwall.com/lists/oss-security/2013/05/16/6
to this issue.
--
nosy: +iankko
title: ssl.match_hostname() trips over crafted wildcard names - CVE-2013-2099
ssl.match_hostname() trips
Jan Lieskovsky added the comment:
Jeroen,
just out of curiosity. Is the current issue different from
CVE-2008-5983 (at first quick glance it looks the be the same issue):?
[1] http://bugs.python.org/issue5753
Thank you, Jan.
--
Jan iankko Lieskovsky
--
nosy: +iankko
New submission from Jan Lieskovsky ian...@seznam.cz:
Common Vulnerabilities and Exposures assigned an identifier
CVE-2008-5983 (and related CVE ids) to the following vulnerability:
Untrusted search path vulnerability in the PySys_SetArgv API function in
Python 2.6 and earlier, and possibly
Jan Lieskovsky ian...@seznam.cz added the comment:
To sum up the behavior, the following table displays whether
modules are read from the current working directory for various
ways how the python scripts can be launched (unfixed/fixed version):
unfixed fixed run
Jan Lieskovsky ian...@seznam.cz added the comment:
As no longer work of python ./foo.py after patch utilization may
cause, the update won't be acceptable, could you guys review the
above patch and potentially provide an another one?
--
___
Python
Jan Lieskovsky ian...@seznam.cz added the comment:
Just drop into /tmp and run (you will need the zenity package installed):
python3.1 ./test.py
or
gedit# unfixed gedit
in that directory.
--
Added file: http://bugs.python.org/file13686/py_umspath_test.tar.gz
Jan Lieskovsky ian...@seznam.cz added the comment:
Hello guys,
if I didn't overlook something pretty obvious, this should work
with python-2.6, but it crashes.
Could you please have a look?
Thanks, Jan.
--
Jan iankko Lieskovsky
--
nosy: +iankko
Added file: http://bugs.python.org
Jan Lieskovsky ian...@seznam.cz added the comment:
Antoine,
(re: #msg87083, #msg87084) -- while the API change is acceptable and
reasonable, it doesn't solve the core of the problem. I understand
the change needs to be 'backward compatible' and shouldn't break
the existing Python behavior
16 matches
Mail list logo