Candidate: CVE-2008-5031
PublicDate: 2008-11-10 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5031
 http://scary.beasts.org/security/CESA-2008-008.html
 https://ubuntu.com/security/notices/USN-806-1
Description:
 Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow
 context-dependent attackers to have an unknown impact via a large integer
 value in the tabsize argument to the expandtabs method, as implemented by
 (1) the string_expandtabs function in Objects/stringobject.c and (2) the
 unicode_expandtabs function in Objects/unicodeobject.c.  NOTE: this
 vulnerability reportedly exists because of an incomplete fix for
 CVE-2008-2315.
Ubuntu-Description:
Notes:
 mdeslaur> PoC: http://scary.beasts.org/security/CESA-2008-008.html
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507317
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_python2.4:
 upstream: http://svn.python.org/view?view=rev&revision=67726
upstream_python2.4: released (2.4.6-1)
dapper_python2.4: released (2.4.3-0ubuntu6.3)
hardy_python2.4: released (2.4.5-1ubuntu4.2)
intrepid_python2.4: released (2.4.5-5ubuntu1.1)
jaunty_python2.4: not-affected (2.4.6-1ubuntu3)
devel_python2.4: not-affected (2.4.6-1ubuntu3)

Patches_python2.5:
 upstream: http://svn.python.org/view?view=rev&revision=61349
 upstream: http://svn.python.org/view?view=rev&revision=61350 (trunk)
upstream_python2.5: needs-triage
dapper_python2.5: DNE
gutsy_python2.5: needed (reached end-of-life)
hardy_python2.5: not-affected (2.5.2-2ubuntu4.1)
intrepid_python2.5: not-affected (2.5.2-11.1ubuntu1)
jaunty_python2.5: not-affected (2.5.4-1ubuntu4)
devel_python2.5: not-affected (2.5.4-1ubuntu4)