Candidate: CVE-2010-1449
PublicDate: 2010-05-27 19:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1449
 http://bugs.python.org/issue8678
Description:
 Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5
 allows remote attackers to have an unspecified impact via a large image
 that triggers a buffer overflow.  NOTE: this vulnerability exists because
 of an incomplete fix for CVE-2008-3143.12.
Ubuntu-Description:
Notes:
 jdstrand> per upstream, python2.6 not affected
 jdstrand> fix for CVE-2007-4965 also fixed the rgbimg module. This CVE was
  assigned after the fact.
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_python2.4:
upstream_python2.4: released (2.4.4-7)
dapper_python2.4: ignored (reached end-of-life)
hardy_python2.4: not-affected (2.4.5-1ubuntu4.3)
jaunty_python2.4: ignored (reached end-of-life)
karmic_python2.4: ignored (reached end-of-life)
lucid_python2.4: DNE
maverick_python2.4: DNE
natty_python2.4: DNE
oneiric_python2.4: DNE
precise_python2.4: DNE
devel_python2.4: DNE

Patches_python2.5:
 upstream: http://hg.python.org/cpython/rev/f49d9314d439/
upstream_python2.5: released (2.5.1-6)
dapper_python2.5: DNE
hardy_python2.5: not-affected (2.5.2-2ubuntu6.1)
jaunty_python2.5: ignored (reached end-of-life)
karmic_python2.5: ignored (reached end-of-life)
lucid_python2.5: DNE
maverick_python2.5: DNE
natty_python2.5: DNE
oneiric_python2.5: DNE
precise_python2.5: DNE
devel_python2.5: DNE