thr3ads.net - Secure testing commits - [Secure-testing-commits] r2089

If this information is useful, please help other people find it:
Share via:

Micah Anderson

2005-Sep-22 12:33 UTC

[Secure-testing-commits] r2089 - in data: DTSA/advs packages

Author: micah
Date: 2005-09-22 12:33:08 +0000 (Thu, 22 Sep 2005)
New Revision: 2089

Added:
   data/DTSA/advs/19-python2.2.adv
Modified:
   data/packages/removed-packages
Log:
Preparing python2.2 adv.
added xerves24 to removed-packages


Added: data/DTSA/advs/19-python2.2.adv
==================================================================---
data/DTSA/advs/19-python2.2.adv	2005-09-22 12:00:31 UTC (rev 2088)
+++ data/DTSA/advs/19-python2.2.adv	2005-09-22 12:33:08 UTC (rev 2089)
@@ -0,0 +1,17 @@
+source: python2.2
+date: September 22, 2005
+author: Micah Anderson
+vuln-type: integer overflow
+problem-scope: remote
+debian-specifc: no
+cve: CAN-2005-2491
+vendor-advisory: 
+testing-fix: 2.2.3dfsg-2sarge1
+sid-fix: 2.2.3dfsg-4
+upgrade: apt-get install python2.2
+
+An integer overflow with a subsequent buffer overflow has been detected
+in PCRE, the Perl Compatible Regular Expressions library, allowing
+a remote attacker to execute arbitrary code. This code is also present in
Python.
+Exploiting this vulnerability requires an attacker to specify the used
+regular expression.

Modified: data/packages/removed-packages
==================================================================---
data/packages/removed-packages	2005-09-22 12:00:31 UTC (rev 2088)
+++ data/packages/removed-packages	2005-09-22 12:33:08 UTC (rev 2089)
@@ -2,3 +2,4 @@
 # archive, one per line.
 
 openwebmail
+xerces24

Secure testing commits - Sep 2005 - r2089 - in data: DTSA/advs packages

[Secure-testing-commits] r2089 - in data: DTSA/advs packages