Launchpad CVE tracker

CVE 2008-2316

Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

Related bugs and status

CVE-2008-2316 (Candidate) is related to these bugs:

Bug #209507: All python `idle` packages use the same name in Applications menu

Summary				In	Importance	Status
	209507	All python `idle` packages use the same name in Applications menu		python2.4 (Ubuntu)	Low	Confirmed
	209507	All python `idle` packages use the same name in Applications menu		python2.5 (Ubuntu)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.gentoo.org...
CONFIRM: http://wiki.rpath.com/...
GENTOO: GLSA-200807-16
MANDRIVA: MDVSA-2008:163
SUSE: SUSE-SR:2008:017
UBUNTU: USN-632-1
BID: 30491
SECUNIA: 31358
SECUNIA: 31305
SECUNIA: 31332
SECUNIA: 31365
SECUNIA: 31518
SECUNIA: 31687
SECUNIA: 31473
APPLE: APPLE-SA-2009-02-12
SECUNIA: 33937
CONFIRM: http://support.apple.c...
VUPEN: ADV-2008-2288
CONFIRM: http://bugs.gentoo.org...
CONFIRM: http://www.novell.com/...
SLACKWARE: SSA:2008-217-01
XF: python-hashlib-overflo...
XF: python-multiple-bo(44173)
BUGTRAQ: 20080813 rPSA-2008-024...

Launchpad.net

CVE 2008-2316

Related bugs and status

Related bugs

References