mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-03 01:23:49 +00:00
Code Issues Releases Activity
8376e27862
freebsd-ports/lang/python33
History
Kubilay Kocak 7a2c2ce6e7 lang/python*: Backport security fix for CVE-2014-1912 
A vulnerability was reported [1] in Python's socket module, due to a
boundary error within the sock_recvfrom_into() function, which could be
exploited to cause a buffer overflow.

This could be used to crash a Python application that uses the
socket.recvfrom_info() function or, possibly, execute arbitrary code
with the permissions of the user running vulnerable Python code.

This vulnerable function, socket.recvfrom_into(), was introduced in
Python 2.5. Earlier versions are not affected by this flaw.  This is
fixed in upstream branches for version 2.7, 3.1, 3.2 and 3.3.

[1] http://bugs.python.org/issue20246

MFH:		2014Q1
Security:	8e5e6d42-a0fa-11e3-b09a-080027f2d077
2014-03-01 10:52:55 +00:00
..
files lang/python*: Backport security fix for CVE-2014-1912 2014-03-01 10:52:55 +00:00
distinfo
Makefile lang/python*: Backport security fix for CVE-2014-1912 2014-03-01 10:52:55 +00:00
pkg-descr
pkg-message
pkg-plist