CVE-2017-18207 (retired)

Priority
Description
** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in
Python through 3.6.4 does not ensure a nonzero channel value, which allows
attackers to cause a denial of service (divide-by-zero and exception) via a
crafted wav format audio file. NOTE: the vendor disputes this issue because
Python applications "need to be prepared to handle a wide variety of
exceptions."
Notes
 mdeslaur> this is disputed, marking as ignored
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):ignored
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored
More Information

Updated: 2019-03-26 12:25:28 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)