python: CVE-2010-1634: fixed?

To: debian-security-tracker@lists.debian.org
Cc: henrich@debian.or.jp, doko@debian.org
Subject: python: CVE-2010-1634: fixed?
From: Hideki Yamane <henrich@debian.or.jp>
Date: Wed, 11 Aug 2010 23:15:09 +0900
Message-id: <[🔎] 20100811231509.25f9ea82.henrich@debian.or.jp>

Hi,

 http://security-tracker.debian.org/tracker/CVE-2010-1634

>python2.6 (PTS)	
>squeeze	2.6.5+20100706-1	vulnerable
>sid	2.6.6~rc1-1	vulnerable

>python2.7 (PTS)	
>experimental	2.7-3	vulnerable

>python3.1 (PTS)	
>squeeze, sid	3.1.2+20100707-1	vulnerable


 With brief look at only Modules/audioop.c, suggested patch at
 http://bugs.python.org/file17281/python2.6-audioop-int-overflows.diff
 seems already to be applied, so I seems to be fixed.
 Maintainer, how about this?


-- 
Regards,

 Hideki Yamane     henrich @ debian.or.jp/org
 http://wiki.debian.org/HidekiYamane

Reply to:

Prev by Date: icedove: CVE-2009-2408: it doesn't seem to affect
Next by Date: bind9: CVE-2010-0213 would seem to affect squeeze
Previous by thread: Re: icedove: CVE-2009-2408: it doesn't seem to affect
Next by thread: bind9: CVE-2010-0213 would seem to affect squeeze
Index(es):
- Date
- Thread