Package name
python
Date
2014-02-19
Advisory ID
MDVSA-2014:041
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

A vulnerability was reported in Python's socket module, due to a
boundary error within the sock_recvfrom_into() function, which could
be exploited to cause a buffer overflow. This could be used to crash a
Python application that uses the socket.recvfrom_info() function or,
possibly, execute arbitrary code with the permissions of the user
running vulnerable Python code (CVE-2014-1912).

The updated packages have been patched to correct this issue.

Updated packages

MES5 i586

 9f5d8acdfaff42d2fe7aae145aa6bdf4  mes5/i586/libpython2.5-2.5.2-5.13mdvmes5.2.i586.rpm
 87e946a35ed4a041ce15fb328a94962f  mes5/i586/libpython2.5-devel-2.5.2-5.13mdvmes5.2.i586.rpm
 8e89735ab8baa2f6975f8238b082c059  mes5/i586/python-2.5.2-5.13mdvmes5.2.i586.rpm
 903a0bd59758cf89d2cfc6f50dfccf31  mes5/i586/python-base-2.5.2-5.13mdvmes5.2.i586.rpm
 12299e01e8a6854b9b737e7134e0c67e  mes5/i586/python-docs-2.5.2-5.13mdvmes5.2.i586.rpm
 6981e8ff73aea76e7781c9f4eaa16221  mes5/i586/tkinter-2.5.2-5.13mdvmes5.2.i586.rpm
 b48267baca317515f87ba162ed4eab02  mes5/i586/tkinter-apps-2.5.2-5.13mdvmes5.2.i586.rpm 
 83a624a38fbf33f8dd30be16c059fedd  mes5/SRPMS/python-2.5.2-5.13mdvmes5.2.src.rpm

MBS1 x86_64

 949fbdcadfe90fd12d6c6dcc2d1740ef  mbs1/x86_64/lib64python2.7-2.7.3-4.5.mbs1.x86_64.rpm
 750b20f80e21a7b2a753b736fb3bbb9b  mbs1/x86_64/lib64python-devel-2.7.3-4.5.mbs1.x86_64.rpm
 9264c30b67dd6fa5438b73ecc9e218aa  mbs1/x86_64/python-2.7.3-4.5.mbs1.x86_64.rpm
 e3245ecc8907e9ae9e8dc70e23d057c6  mbs1/x86_64/python-docs-2.7.3-4.5.mbs1.noarch.rpm
 b2fa904583d40bca084cc24c1599cc47  mbs1/x86_64/tkinter-2.7.3-4.5.mbs1.x86_64.rpm
 f115c68c0713f3681d411d635c910374  mbs1/x86_64/tkinter-apps-2.7.3-4.5.mbs1.x86_64.rpm 
 ad12c7fe3e8f82dd0e4836288af1198a  mbs1/SRPMS/python-2.7.3-4.5.mbs1.src.rpm

MES5 x86_64

 d29187d3073068ca4dd23a7e873ad23f  mes5/x86_64/lib64python2.5-2.5.2-5.13mdvmes5.2.x86_64.rpm
 6a982f71c8363e6bce7f8958168702bd  mes5/x86_64/lib64python2.5-devel-2.5.2-5.13mdvmes5.2.x86_64.rpm
 75bc4436ed423dcedaf209d774bcbfab  mes5/x86_64/python-2.5.2-5.13mdvmes5.2.x86_64.rpm
 33a74fac35c5009fcc066d774f4b200d  mes5/x86_64/python-base-2.5.2-5.13mdvmes5.2.x86_64.rpm
 945d27beff9becc2b207027edd6b90e1  mes5/x86_64/python-docs-2.5.2-5.13mdvmes5.2.x86_64.rpm
 9163259f05462f665998c2add88f8631  mes5/x86_64/tkinter-2.5.2-5.13mdvmes5.2.x86_64.rpm
 63d61503b92a17c04548db2b60faa395  mes5/x86_64/tkinter-apps-2.5.2-5.13mdvmes5.2.x86_64.rpm 
 83a624a38fbf33f8dd30be16c059fedd  mes5/SRPMS/python-2.5.2-5.13mdvmes5.2.src.rpm

References