[issue3886] Integer overflow in _hashopenssl.c (CVE-2008-2316)
Gregory P. Smith
report at bugs.python.org
Fri Sep 19 00:29:19 CEST 2008
Gregory P. Smith <greg at krypto.org> added the comment:
Python 2.4 uses an 'int' for ob_size so it does not appear at first
glance that its sha module (what hashlib was derived from) is
susceptible to this bug when compiled as 64-bit.
----------
keywords: +64bit
nosy: +gregory.p.smith
versions: -Python 2.4
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue3886>
_______________________________________
More information about the Python-bugs-list
mailing list