[New-bugs-announce] [issue3886] Integer overflow in _hashopenssl.c (CVE-2008-2316)
Brett Cannon
report at bugs.python.org
Wed Sep 17 03:02:14 CEST 2008
New submission from Brett Cannon <brett at python.org>:
CVE-2008-2316
(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316) notes that
_hashopenssl.c has a potential integer overflow. Attached is the patch
sent to PSRT.
----------
components: Extension Modules
files: CVE-2008-2316-trunk.diff
keywords: patch, patch
messages: 73321
nosy: brett.cannon
priority: release blocker
severity: normal
status: open
title: Integer overflow in _hashopenssl.c (CVE-2008-2316)
type: security
versions: Python 2.6, Python 3.0
Added file: http://bugs.python.org/file11507/CVE-2008-2316-trunk.diff
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue3886>
_______________________________________
More information about the New-bugs-announce
mailing list