Oval Definition:oval:org.mitre.oval:def:7152
Revision Date:2014-06-23Version:21
Title:DSA-1977 python2.4 python2.5 -- several vulnerabilities
Description:Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language, does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In addition, this update fixes an integer overflow in the hashlib module in python2.5. This vulnerability could allow an attacker to defeat cryptographic digests. It only affects the oldstable distribution.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-2316
CVE-2009-3560
CVE-2009-3720
DSA-1977
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):python2.4 python2.5
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • python2.4-examples is earlier than 2.4.6-1+lenny1
  • OR idle-python2.4 is earlier than 2.4.6-1+lenny1
  • OR idle-python2.5 is earlier than 2.5.2-15+lenny1
  • OR python2.5-examples is earlier than 2.5.2-15+lenny1
  • OR python2.4-dev is earlier than 2.4.6-1+lenny1
  • OR python2.4-minimal is earlier than 2.4.6-1+lenny1
  • OR python2.5 is earlier than 2.5.2-15+lenny1
  • OR python2.4 is earlier than 2.4.6-1+lenny1
  • OR python2.5-minimal is earlier than 2.5.2-15+lenny1
  • OR python2.4-dbg is earlier than 2.4.6-1+lenny1
  • OR python2.5-dbg is earlier than 2.5.2-15+lenny1
  • OR python2.5-dev is earlier than 2.5.2-15+lenny1
  • OR Architecture dependent section
  • Installed architecture is arm
  • AND Packages section
  • python2.4-dev is earlier than 2.4.6-1+lenny1
  • OR python2.4 is earlier than 2.4.6-1+lenny1
  • OR python2.4-dbg is earlier than 2.4.6-1+lenny1
  • OR python2.4-minimal is earlier than 2.4.6-1+lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • idle-python2.5 is earlier than 2.5-5+etch2
  • OR python2.4-examples is earlier than 2.4.4-3+etch3
  • OR idle-python2.4 is earlier than 2.4.4-3+etch3
  • OR python2.5-examples is earlier than 2.5-5+etch2
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is mipsel
  • OR Installed architecture is arm
  • AND Packages section
  • python2.4-dev is earlier than 2.4.4-3+etch3
  • OR python2.4-minimal is earlier than 2.4.4-3+etch3
  • OR python2.5 is earlier than 2.5-5+etch2
  • OR python2.4 is earlier than 2.4.4-3+etch3
  • OR python2.5-minimal is earlier than 2.5-5+etch2
  • OR python2.4-dbg is earlier than 2.4.4-3+etch3
  • OR python2.5-dev is earlier than 2.5-5+etch2
  • OR python2.5-dbg is earlier than 2.5-5+etch2
    • BACK