CVE-2008-5031

Common Vulnerabilities and Exposures

Upstream information

CVE-2008-5031 at MITRE

Description

Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. NOTE: this vulnerability reportedly exists because of an incomplete fix for CVE-2008-2315.

NVD CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entry: 443653

SUSE Security Advisories:

SUSE-SR:2009:001, published Mon, 12 Jan 2009 13:00:00 +0000

List of released packages

Product(s)	Fixed package version(s)	References
Novell Linux Desktop 9 for x86 Novell Linux POS 9 Open Enterprise Server SUSE CORE 9 for IBM S/390 31bit SUSE CORE 9 for x86	`python >= 2.3.3-88.26` `python-curses >= 2.3.3-88.26` `python-demo >= 2.3.3-88.26` `python-devel >= 2.3.3-88.26` `python-doc >= 2.3.3-88.26` `python-doc-pdf >= 2.3.3-88.26` `python-gdbm >= 2.3.3-88.26` `python-idle >= 2.3.3-88.26` `python-mpz >= 2.3.3-88.26` `python-tk >= 2.3.3-88.26` `python-xml >= 2.3.3-88.26`	sles9-oes.x86 core9.x86 sles9-nld.x86-64 core9.ppc core9.s390 core9.ia64 sles9-nld.x86 core9.x86-64 sles9-nlpos.x86 core9.s390x YOU Patch Nr: 12316
SUSE CORE 9 for Itanium Processor Family	`python >= 2.3.3-88.26` `python-curses >= 2.3.3-88.26` `python-demo >= 2.3.3-88.26` `python-devel >= 2.3.3-88.26` `python-doc >= 2.3.3-88.26` `python-doc-pdf >= 2.3.3-88.26` `python-gdbm >= 2.3.3-88.26` `python-idle >= 2.3.3-88.26` `python-mpz >= 2.3.3-88.26` `python-tk >= 2.3.3-88.26` `python-x86 >= 9-200812011728` `python-xml >= 2.3.3-88.26`	sles9-oes.x86 core9.x86 sles9-nld.x86-64 core9.ppc core9.s390 core9.ia64 sles9-nld.x86 core9.x86-64 sles9-nlpos.x86 core9.s390x YOU Patch Nr: 12316
SUSE CORE 9 for IBM POWER	`python >= 2.3.3-88.26` `python-64bit >= 9-200812011733` `python-curses >= 2.3.3-88.26` `python-demo >= 2.3.3-88.26` `python-devel >= 2.3.3-88.26` `python-doc >= 2.3.3-88.26` `python-doc-pdf >= 2.3.3-88.26` `python-gdbm >= 2.3.3-88.26` `python-idle >= 2.3.3-88.26` `python-mpz >= 2.3.3-88.26` `python-tk >= 2.3.3-88.26` `python-xml >= 2.3.3-88.26`	sles9-oes.x86 core9.x86 sles9-nld.x86-64 core9.ppc core9.s390 core9.ia64 sles9-nld.x86 core9.x86-64 sles9-nlpos.x86 core9.s390x YOU Patch Nr: 12316
SUSE CORE 9 for IBM zSeries 64bit	`python >= 2.3.3-88.26` `python-32bit >= 9-200812011726` `python-curses >= 2.3.3-88.26` `python-demo >= 2.3.3-88.26` `python-devel >= 2.3.3-88.26` `python-doc >= 2.3.3-88.26` `python-doc-pdf >= 2.3.3-88.26` `python-gdbm >= 2.3.3-88.26` `python-idle >= 2.3.3-88.26` `python-mpz >= 2.3.3-88.26` `python-tk >= 2.3.3-88.26` `python-xml >= 2.3.3-88.26`	sles9-oes.x86 core9.x86 sles9-nld.x86-64 core9.ppc core9.s390 core9.ia64 sles9-nld.x86 core9.x86-64 sles9-nlpos.x86 core9.s390x YOU Patch Nr: 12316
Novell Linux Desktop 9 for x86_64 SUSE CORE 9 for AMD64 and Intel EM64T	`python >= 2.3.3-88.26` `python-32bit >= 9-200812011728` `python-curses >= 2.3.3-88.26` `python-demo >= 2.3.3-88.26` `python-devel >= 2.3.3-88.26` `python-doc >= 2.3.3-88.26` `python-doc-pdf >= 2.3.3-88.26` `python-gdbm >= 2.3.3-88.26` `python-idle >= 2.3.3-88.26` `python-mpz >= 2.3.3-88.26` `python-tk >= 2.3.3-88.26` `python-xml >= 2.3.3-88.26`	sles9-oes.x86 core9.x86 sles9-nld.x86-64 core9.ppc core9.s390 core9.ia64 sles9-nld.x86 core9.x86-64 sles9-nlpos.x86 core9.s390x YOU Patch Nr: 12316
SUSE CORE 9 for AMD64 and Intel EM64T	`python >= 2.3.3-88.28` `python-curses >= 2.3.3-88.28` `python-demo >= 2.3.3-88.28` `python-devel >= 2.3.3-88.28` `python-doc >= 2.3.3-88.28` `python-doc-pdf >= 2.3.3-88.28` `python-gdbm >= 2.3.3-88.28` `python-idle >= 2.3.3-88.28` `python-mpz >= 2.3.3-88.28` `python-tk >= 2.3.3-88.28` `python-xml >= 2.3.3-88.28`	Builds YOU Patch Nr: 12762
SUSE Linux Enterprise Desktop 10 SP2 for x86	`python >= 2.4.2-18.25` `python-curses >= 2.4.2-18.25` `python-devel >= 2.4.2-18.25` `python-gdbm >= 2.4.2-18.25` `python-tk >= 2.4.2-18.25` `python-xml >= 2.4.2-18.25`	sled10-sp2.x86 sles10-sp2.ia64 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.s390x sles10-sp2.ppc sles10-sp2.x86 sle10-sp2-sdk.s390x sled10-sp2.x86-64 sle10-sp2-sdk.ppc ZYPP Patch Nr: 5837
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T	`python >= 2.4.2-18.25` `python-32bit >= 2.4.2-18.25` `python-curses >= 2.4.2-18.25` `python-devel >= 2.4.2-18.25` `python-gdbm >= 2.4.2-18.25` `python-tk >= 2.4.2-18.25` `python-xml >= 2.4.2-18.25`	sled10-sp2.x86 sles10-sp2.ia64 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.s390x sles10-sp2.ppc sles10-sp2.x86 sle10-sp2-sdk.s390x sled10-sp2.x86-64 sle10-sp2-sdk.ppc ZYPP Patch Nr: 5837
SUSE Linux Enterprise Server 10 SP2 for x86	`python >= 2.4.2-18.25` `python-curses >= 2.4.2-18.25` `python-demo >= 2.4.2-18.25` `python-devel >= 2.4.2-18.25` `python-gdbm >= 2.4.2-18.25` `python-idle >= 2.4.2-18.25` `python-tk >= 2.4.2-18.25` `python-xml >= 2.4.2-18.25`	sled10-sp2.x86 sles10-sp2.ia64 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.s390x sles10-sp2.ppc sles10-sp2.x86 sle10-sp2-sdk.s390x sled10-sp2.x86-64 sle10-sp2-sdk.ppc ZYPP Patch Nr: 5837
SUSE Linux Enterprise Server 10 SP2 for IPF	`python >= 2.4.2-18.25` `python-curses >= 2.4.2-18.25` `python-demo >= 2.4.2-18.25` `python-devel >= 2.4.2-18.25` `python-gdbm >= 2.4.2-18.25` `python-idle >= 2.4.2-18.25` `python-tk >= 2.4.2-18.25` `python-x86 >= 2.4.2-18.25` `python-xml >= 2.4.2-18.25`	sled10-sp2.x86 sles10-sp2.ia64 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.s390x sles10-sp2.ppc sles10-sp2.x86 sle10-sp2-sdk.s390x sled10-sp2.x86-64 sle10-sp2-sdk.ppc ZYPP Patch Nr: 5837
SUSE Linux Enterprise Server 10 SP2 for IBM POWER	`python >= 2.4.2-18.25` `python-64bit >= 2.4.2-18.25` `python-curses >= 2.4.2-18.25` `python-demo >= 2.4.2-18.25` `python-devel >= 2.4.2-18.25` `python-gdbm >= 2.4.2-18.25` `python-idle >= 2.4.2-18.25` `python-tk >= 2.4.2-18.25` `python-xml >= 2.4.2-18.25`	sled10-sp2.x86 sles10-sp2.ia64 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.s390x sles10-sp2.ppc sles10-sp2.x86 sle10-sp2-sdk.s390x sled10-sp2.x86-64 sle10-sp2-sdk.ppc ZYPP Patch Nr: 5837
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit	`python >= 2.4.2-18.25` `python-32bit >= 2.4.2-18.25` `python-curses >= 2.4.2-18.25` `python-demo >= 2.4.2-18.25` `python-devel >= 2.4.2-18.25` `python-gdbm >= 2.4.2-18.25` `python-idle >= 2.4.2-18.25` `python-tk >= 2.4.2-18.25` `python-xml >= 2.4.2-18.25`	sled10-sp2.x86 sles10-sp2.ia64 sle10-sp2-sdk.x86 sles10-sp2.x86-64 sle10-sp2-sdk.ia64 sle10-sp2-sdk.x86-64 sles10-sp2.s390x sles10-sp2.ppc sles10-sp2.x86 sle10-sp2-sdk.s390x sled10-sp2.x86-64 sle10-sp2-sdk.ppc ZYPP Patch Nr: 5837

Markets

Products By Category

Novell

NetIQ (Moving soon to NetIQ.com)

A-Z

Contribute