Package: python2.7
Version: 2.7.3-6+deb7u2
Severity: normal
Tags: security,patch

Dear Maintainer,

As reported upstream, the JSON module of Python is vulnerable to reading arbitrary process memory. Please apply the patch as included in the bug report http://bugs.python.org/issue21529
I'm not aware of any CVE assigned to this bug. Patch is applied upstream in 2.7.7, so this only applies to wheezy and squeeze-lts.

--- python2.7-2.7.3/Modules/_json.c 2012-04-10 01:07:33.000000000 +0200 +++ python2.7-2.7.3-withpatch/Modules/_json.c 2014-06-23 13:40:15.647298884 +0200 @@ -1491,7 +1491,7 @@ PyObject *res; char *str = PyString_AS_STRING(pystr); Py_ssize_t length = PyString_GET_SIZE(pystr); - if (idx >= length) { + if ( idx < 0 || idx >= length) { PyErr_SetNone(PyExc_StopIteration); return NULL; } @@ -1578,7 +1578,7 @@ PyObject *res; Py_UNICODE *str = PyUnicode_AS_UNICODE(pystr); Py_ssize_t length = PyUnicode_GET_SIZE(pystr); - if (idx >= length) { + if ( idx < 0 || idx >= length) { PyErr_SetNone(PyExc_StopIteration); return NULL; }

-- System Information:
Debian Release: 7.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages python2.7 depends on:
ii  libbz2-1.0         1.0.6-4
ii  libc6              2.13-38+deb7u1
ii  libdb5.1           5.1.29-5
ii  libexpat1          2.1.0-1+deb7u1
ii  libgcc1            1:4.7.2-5
ii  libncursesw5       5.9-10
ii  libreadline6       6.2+dfsg-0.1
ii  libsqlite3-0       3.7.13-1+deb7u1
ii  libtinfo5          5.9-10
ii  mime-support       3.52-1
ii  python2.7-minimal  2.7.3-6+deb7u2

python2.7 recommends no packages.

Versions of packages python2.7 suggests:
ii  binutils       2.22-8
pn  python2.7-doc  <none>

-- no debconf information
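Review bot: the added `idx < 0` test in the first hunk (the `PyString_AS_STRING` path at -1491) is the whole fix: the old guard `if (idx >= length)` only bounded the index from above, so a negative `idx` passed it and was then used to index `str` before the start of the string buffer, which is the out-of-bounds read the report describes. Two things to tidy before applying: `if ( idx < 0 || idx >= length)` has a stray space after the opening parenthesis that the surrounding code (`if (idx >= length)`) does not use, so write `if (idx < 0 || idx >= length)`; and the patch ships no regression test, so a unit test that feeds a negative start index to the scanner and expects the same error as an index past the end of the string, rather than decoded data, should go in with it.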
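Review bot: the second hunk (the `Py_UNICODE` path at -1578) repeats the identical guard for unicode input, which is needed because the byte-string and unicode scanners are separate functions and both indexed `str` with the same unchecked `idx`; it mirrors the first hunk correctly, including setting `StopIteration` for a negative index exactly as for one at or beyond `length`, so callers see a negative start position as "nothing to decode" instead of reading memory. Same style nit as the first hunk: drop the space in `if ( idx < 0 ...`. Since the same bounds check now lives in two places, a one-line comment at each site noting that the lower bound is a security check, not just an optimisation, would help keep the two scanners in sync when either is touched later.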