[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Ned Deily]

Change by Ned Deily :


--
Removed message: https://bugs.python.org/msg342103

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Ned Deily]

Ned Deily  added the comment:


New changeset 77c02cdce2d7b8360771be35b7676a4977e070c1 by larryhastings (Steve 
Dower) in branch '3.4':
[3.4] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5992)
https://github.com/python/cpython/commit/77c02cdce2d7b8360771be35b7676a4977e070c1


--
nosy: +ned.deily

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Steve Dower]

Steve Dower  added the comment:

Thanks Larry for merging the backports!

--
resolution:  -> fixed
stage: patch review -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Larry Hastings]

Larry Hastings  added the comment:


New changeset f381cfe07d15d52f27de771a62a8167668f0dd51 by larryhastings (Steve 
Dower) in branch '3.5':
[3.5] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5991)
https://github.com/python/cpython/commit/f381cfe07d15d52f27de771a62a8167668f0dd51


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Larry Hastings]

Larry Hastings  added the comment:


New changeset 77c02cdce2d7b8360771be35b7676a4977e070c1 by larryhastings (Steve 
Dower) in branch '3.4':
[3.4] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5992)
https://github.com/python/cpython/commit/77c02cdce2d7b8360771be35b7676a4977e070c1


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Steve Dower]

Steve Dower  added the comment:

Thanks, Victor!

--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[STINNER Victor]

STINNER Victor  added the comment:

FYI I added this vulnerability to:
http://python-security.readthedocs.io/vuln/cve-2018-1000117_buffer_overflow_vulnerability_in_os.symlink_on_windows.html
https://github.com/vstinner/python-security/commit/349588e8265099341801b20aa18f87a42176f7df

--
nosy: +vstinner

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue33001] Buffer overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

[Steve Dower]

Steve Dower  added the comment:

FYI, the CVE number for this issue is CVE-2018-1000117.

--
title: Buffer overflow vulnerability in os.symlink on Windows -> Buffer 
overflow vulnerability in os.symlink on Windows (CVE-2018-1000117)

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com