Please take our Survey

Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...

[USN-73-1] Python vulnerability: msg#00002

linux.ubuntu.security.announce

Subject:	[USN-73-1] Python vulnerability

===========================================================
Ubuntu Security Notice USN-73-1 February 03, 2005
python2.2, python2.3 vulnerability
CAN-2005-0089
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

python2.2
python2.3

The problem can be corrected by upgrading the affected package to
version 2.2.3-10ubuntu0.1 (python2.2) and 2.3.4-2ubuntu0.1
(python2.3). After a standard system upgrade you must restart all
running Python server applications that use XML-RPC to effect the
necessary changes.

Details follow:

The Python developers discovered a flaw in the SimpleXMLRPCServer
module. Python XML-RPC servers that used the register_instance()
method to register an object, but do not have a _dispatch() method,
allowed remote users to access or change function internals using the
im_* and func_* attributes.

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2_2.2.3-10ubuntu0.1.diff.gz
Size/MD5: 1927781 2df9c99747532348619bbb8d8d5f3996

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2_2.2.3-10ubuntu0.1.dsc
Size/MD5: 1184 3e1c5d029c99987852bad718712dcf76

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2_2.2.3.orig.tar.gz
Size/MD5: 6711816 c23fbe6a0cdf800734f5813b9f7cb1d0

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3_2.3.4-2ubuntu0.1.diff.gz
Size/MD5: 2284380 04304bcdf030e24976fa4f846b754aa8

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3_2.3.4-2ubuntu0.1.dsc
Size/MD5: 1141 28c897b1a2c44ee9eb72cc30177f8697

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3_2.3.4.orig.tar.gz
Size/MD5: 8502596 d68a6a490c04b2c8f664ba4f2192e2fb

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/idle-python2.2_2.2.3-10ubuntu0.1_all.deb
Size/MD5: 116018 b4ab3787a4c6b4025a9ae70393990b45

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.3/idle-python2.3_2.3.4-2ubuntu0.1_all.deb
Size/MD5: 228350 07375ecb2762227776cd700429d8531c

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-doc_2.2.3-10ubuntu0.1_all.deb
Size/MD5: 2268242 a572cf6409ca4a82721952ae7d36529d

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-examples_2.2.3-10ubuntu0.1_all.deb
Size/MD5: 479006 cdf96d86449bdbd72ef25e5830a9a8fe

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-doc_2.3.4-2ubuntu0.1_all.deb
Size/MD5: 2816894 91930107a10bb529d3cba16312457d76

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-examples_2.3.4-2ubuntu0.1_all.deb
Size/MD5: 507732 2daf5ccaec4f6b967223b09b15f85197

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2-dev_2.2.3-10ubuntu0.1_amd64.deb
Size/MD5: 1402344 a1d36ff39d0fb0cf2a05b22175f3083f

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-gdbm_2.2.3-10ubuntu0.1_amd64.deb
Size/MD5: 20138 e771840c7881423e226d0fb37a2e1a1e

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-mpz_2.2.3-10ubuntu0.1_amd64.deb
Size/MD5: 24932 a71d0c4e6301b330b62edc73865300ae

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2-tk_2.2.3-10ubuntu0.1_amd64.deb
Size/MD5: 96092 606bcccac218c73b3f86658cb4ba4750

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-xmlbase_2.2.3-10ubuntu0.1_amd64.deb
Size/MD5: 54902 a030a68171c6fc6591a9e8af1ed1c31b

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2_2.2.3-10ubuntu0.1_amd64.deb
Size/MD5: 2240692 59cb63acc72ee9b6b93f786555f6343f

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-dev_2.3.4-2ubuntu0.1_amd64.deb
Size/MD5: 1747592 a9c0dd251682fb7101ebfcad03d1d114

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-gdbm_2.3.4-2ubuntu0.1_amd64.deb
Size/MD5: 22300 5cc5444cf4c6361e7f2bb7970a53dad2

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-mpz_2.3.4-2ubuntu0.1_amd64.deb
Size/MD5: 27138 f362a0c22d0ebeb4f82910ce8fad2206

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-tk_2.3.4-2ubuntu0.1_amd64.deb
Size/MD5: 104686 ce82ad1e4225e88a9d442e86e3df1cbd

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3_2.3.4-2ubuntu0.1_amd64.deb
Size/MD5: 2868960 2eb165d9c2654606c26cf2f8e195b638

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2-dev_2.2.3-10ubuntu0.1_i386.deb
Size/MD5: 1272072 875cdbb06f99e8a47e3c101e15663c8a

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-gdbm_2.2.3-10ubuntu0.1_i386.deb
Size/MD5: 19798 d77efa2115ebe5865ea364851469a829

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-mpz_2.2.3-10ubuntu0.1_i386.deb
Size/MD5: 23686 45e1ed9fd53a647d917537c10c7a46d6

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2-tk_2.2.3-10ubuntu0.1_i386.deb
Size/MD5: 93364 389380de54da2d08c7b04c1aa4c95677

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-xmlbase_2.2.3-10ubuntu0.1_i386.deb
Size/MD5: 53162 90aaed4f73b488ada5cd06986d226614

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2_2.2.3-10ubuntu0.1_i386.deb
Size/MD5: 2114526 47c6ae1fece9dc560b1e8936e79df43e

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-dev_2.3.4-2ubuntu0.1_i386.deb
Size/MD5: 1601264 7abd99ff94b75c7afd6c1588215293de

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-gdbm_2.3.4-2ubuntu0.1_i386.deb
Size/MD5: 21950 9b9dde52eabbc8814c1e3afa2704473f

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-mpz_2.3.4-2ubuntu0.1_i386.deb
Size/MD5: 25828 e784462eff29ce1e01bfe752868abd27

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-tk_2.3.4-2ubuntu0.1_i386.deb
Size/MD5: 102082 dcdfa6a516d8d304f61d545004ddd966

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3_2.3.4-2ubuntu0.1_i386.deb
Size/MD5: 2709818 3cb0d2298cd5f16cc788a605030cb443

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2-dev_2.2.3-10ubuntu0.1_powerpc.deb
Size/MD5: 1503152 4256f400ee60f9742b126b0e1b3a7632

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-gdbm_2.2.3-10ubuntu0.1_powerpc.deb
Size/MD5: 21666 6ee9aba13aeeaa94241a8c3374845cf1

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-mpz_2.2.3-10ubuntu0.1_powerpc.deb
Size/MD5: 26042 6379c3913926b334540a7242375d0941

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2-tk_2.2.3-10ubuntu0.1_powerpc.deb
Size/MD5: 96722 cb91d46072de61a5ada927174302ffe9

http://security.ubuntu.com/ubuntu/pool/universe/p/python2.2/python2.2-xmlbase_2.2.3-10ubuntu0.1_powerpc.deb
Size/MD5: 55926 8cc515a6cf422176e742308f084d3f19

http://security.ubuntu.com/ubuntu/pool/main/p/python2.2/python2.2_2.2.3-10ubuntu0.1_powerpc.deb
Size/MD5: 2358186 d741cf48639a380c1a2b0e403d5ed8d6

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-dev_2.3.4-2ubuntu0.1_powerpc.deb
Size/MD5: 1863678 57357eb08927011b1cd7d380ff95bdf5

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-gdbm_2.3.4-2ubuntu0.1_powerpc.deb
Size/MD5: 23732 b5c6ce94233cd2ec0766f2719f398cc8

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-mpz_2.3.4-2ubuntu0.1_powerpc.deb
Size/MD5: 28194 d177c4e8a8f4a939978720e52a70f46b

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3-tk_2.3.4-2ubuntu0.1_powerpc.deb
Size/MD5: 105318 344134e35b32ee6943a77e4e11dd4d05

http://security.ubuntu.com/ubuntu/pool/main/p/python2.3/python2.3_2.3.4-2ubuntu0.1_powerpc.deb
Size/MD5: 3024388 852ffcf5cfd7fcf2f1f65121f58dced9

signature.asc
Description: Digital signature

<Prev in Thread]	Current Thread	[Next in Thread>

Previous by Date:	[USN-72-1] Perl vulnerabilities, Martin Pitt
Next by Date:	[USN-74-1] Postfix vulnerability, Martin Pitt
Previous by Thread:	[USN-72-1] Perl vulnerabilities, Martin Pitt
Next by Thread:	[USN-74-1] Postfix vulnerability, Martin Pitt
Indexes:	[Date] [Thread] [Top] [All Lists]

Recently Viewed:
version-control... qnx.openqnx.dev... redhat.rhn.user... ietf.openpgp/20... mail.mutt.user/... web.microformat... java.sync4j.use... education.ezpro... user-groups.blu... solaris.manager... org.fitug.debat... technology.erps... politics.activi... linux.redhat.fe... bug-tracking.ma... xfce.user/2004-... hams/2004-11/ms... kde.users.pim/2... culture.cooking... freebsd.devel.x... gnu.m4.adhoc/20... ngpt.user/2002-... apple.fink.deve...

Home | advertise | OSDir is an inevitable website. super tiny logo

Free Magazines

Cisco News
Receive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business.
subscribe

Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field.
subscribe

The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business.
subscribe

Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company.
subscribe

Total Telecom Total Telecom is "The Economist of the communications industry".
subscribe

Navigation