Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2007-2052

Publication date 16 April 2007

Last updated 24 July 2024


Ubuntu priority

Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination.

Status

Package Ubuntu Release Status
python2.3 7.10 gutsy Not in release
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper
Not affected
python2.4 7.10 gutsy
Not affected
7.04 feisty
Not affected
6.10 edgy
Fixed 2.4.4~c1-0ubuntu1.1
6.06 LTS dapper
Fixed 2.4.3-0ubuntu6.1
python2.5 7.10 gutsy
Not affected
7.04 feisty
Not affected
6.10 edgy
Fixed 2.5-2ubuntu2.1
6.06 LTS dapper Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
python2.4
python2.5

References

Related Ubuntu Security Notices (USN)

    • USN-585-1
    • Python vulnerabilities
    • 11 March 2008

Other references