Novell Home

CVE-2013-7338

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-7338 at MITRE

Description

Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.

NVD CVSS v2 Base Score: 7.1 (AV:N/AC:M/Au:N/C:N/I:N/A:C)

SUSE information

SUSE Bugzilla entry: 869222

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • libpython3_3m1_0 >= 3.3.0-6.15.1
  • libpython3_3m1_0-32bit >= 3.3.0-6.15.1
  • libpython3_3m1_0-debuginfo >= 3.3.0-6.15.1
  • libpython3_3m1_0-debuginfo-32bit >= 3.3.0-6.15.1
  • python3 >= 3.3.0-6.15.2
  • python3-32bit >= 3.3.0-6.15.2
  • python3-base >= 3.3.0-6.15.1
  • python3-base-32bit >= 3.3.0-6.15.1
  • python3-base-debuginfo >= 3.3.0-6.15.1
  • python3-base-debuginfo-32bit >= 3.3.0-6.15.1
  • python3-base-debugsource >= 3.3.0-6.15.1
  • python3-curses >= 3.3.0-6.15.2
  • python3-curses-debuginfo >= 3.3.0-6.15.2
  • python3-dbm >= 3.3.0-6.15.2
  • python3-dbm-debuginfo >= 3.3.0-6.15.2
  • python3-debuginfo >= 3.3.0-6.15.2
  • python3-debuginfo-32bit >= 3.3.0-6.15.2
  • python3-debugsource >= 3.3.0-6.15.2
  • python3-devel >= 3.3.0-6.15.1
  • python3-devel-debuginfo >= 3.3.0-6.15.1
  • python3-doc >= 3.3.0-6.15.1
  • python3-doc-pdf >= 3.3.0-6.15.1
  • python3-idle >= 3.3.0-6.15.1
  • python3-testsuite >= 3.3.0-6.15.1
  • python3-testsuite-debuginfo >= 3.3.0-6.15.1
  • python3-tk >= 3.3.0-6.15.2
  • python3-tk-debuginfo >= 3.3.0-6.15.2
  • python3-tools >= 3.3.0-6.15.1
Patchnames:
openSUSE-2014-333
openSUSE 13.1
  • libpython3_3m1_0 >= 3.3.5-5.4.1
  • libpython3_3m1_0-32bit >= 3.3.5-5.4.1
  • libpython3_3m1_0-debuginfo >= 3.3.5-5.4.1
  • libpython3_3m1_0-debuginfo-32bit >= 3.3.5-5.4.1
  • python3 >= 3.3.5-5.4.1
  • python3-32bit >= 3.3.5-5.4.1
  • python3-base >= 3.3.5-5.4.1
  • python3-base-32bit >= 3.3.5-5.4.1
  • python3-base-debuginfo >= 3.3.5-5.4.1
  • python3-base-debuginfo-32bit >= 3.3.5-5.4.1
  • python3-base-debugsource >= 3.3.5-5.4.1
  • python3-curses >= 3.3.5-5.4.1
  • python3-curses-debuginfo >= 3.3.5-5.4.1
  • python3-dbm >= 3.3.5-5.4.1
  • python3-dbm-debuginfo >= 3.3.5-5.4.1
  • python3-debuginfo >= 3.3.5-5.4.1
  • python3-debuginfo-32bit >= 3.3.5-5.4.1
  • python3-debugsource >= 3.3.5-5.4.1
  • python3-devel >= 3.3.5-5.4.1
  • python3-devel-debuginfo >= 3.3.5-5.4.1
  • python3-doc >= 3.3.5-5.4.1
  • python3-doc-pdf >= 3.3.5-5.4.1
  • python3-idle >= 3.3.5-5.4.1
  • python3-testsuite >= 3.3.5-5.4.1
  • python3-testsuite-debuginfo >= 3.3.5-5.4.1
  • python3-tk >= 3.3.5-5.4.1
  • python3-tk-debuginfo >= 3.3.5-5.4.1
  • python3-tools >= 3.3.5-5.4.1
Patchnames:
openSUSE-2014-278

© 2015 Novell