[Secure-testing-commits] r2089 - in data: DTSA/advs packages
Micah Anderson
micah at costa.debian.org
Thu Sep 22 12:33:09 UTC 2005
Author: micah
Date: 2005-09-22 12:33:08 +0000 (Thu, 22 Sep 2005)
New Revision: 2089
Added:
data/DTSA/advs/19-python2.2.adv
Modified:
data/packages/removed-packages
Log:
Preparing python2.2 adv.
added xerves24 to removed-packages
Added: data/DTSA/advs/19-python2.2.adv
===================================================================
--- data/DTSA/advs/19-python2.2.adv 2005-09-22 12:00:31 UTC (rev 2088)
+++ data/DTSA/advs/19-python2.2.adv 2005-09-22 12:33:08 UTC (rev 2089)
@@ -0,0 +1,17 @@
+source: python2.2
+date: September 22, 2005
+author: Micah Anderson
+vuln-type: integer overflow
+problem-scope: remote
+debian-specifc: no
+cve: CAN-2005-2491
+vendor-advisory:
+testing-fix: 2.2.3dfsg-2sarge1
+sid-fix: 2.2.3dfsg-4
+upgrade: apt-get install python2.2
+
+An integer overflow with a subsequent buffer overflow has been detected
+in PCRE, the Perl Compatible Regular Expressions library, allowing
+a remote attacker to execute arbitrary code. This code is also present in Python.
+Exploiting this vulnerability requires an attacker to specify the used
+regular expression.
Modified: data/packages/removed-packages
===================================================================
--- data/packages/removed-packages 2005-09-22 12:00:31 UTC (rev 2088)
+++ data/packages/removed-packages 2005-09-22 12:33:08 UTC (rev 2089)
@@ -2,3 +2,4 @@
# archive, one per line.
openwebmail
+xerces24
More information about the Secure-testing-commits
mailing list