[New-bugs-announce] [issue3886] Integer overflow in _hashopenssl.c (CVE-2008-2316)

Brett Cannon report at bugs.python.org
Wed Sep 17 03:02:14 CEST 2008

New submission from Brett Cannon <brett at python.org>:

(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316) notes that
_hashopenssl.c has a potential integer overflow. Attached is the patch
sent to PSRT.

components: Extension Modules
files: CVE-2008-2316-trunk.diff
keywords: patch, patch
messages: 73321
nosy: brett.cannon
priority: release blocker
severity: normal
status: open
title: Integer overflow in _hashopenssl.c (CVE-2008-2316)
type: security
versions: Python 2.6, Python 3.0
Added file: http://bugs.python.org/file11507/CVE-2008-2316-trunk.diff

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list