cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0da69615f6
openbsd-ports/lang/python/2.2/patches
History
brad 0da69615f6 Fix security issue with Python 2.1/2.2 
Zack Weinberg found a vulnerability in the way the exevpe() method
from the os.py module uses a temporary file name. A file which
supposedly should not exist is created in a unsafe way and the method
tries to execute it. The objective of such code is to discover what
error the operating system returns in a portable way.

By exploiting this vulnerability a local attacker can execute
arbitrary code with the privileges of the user running python code
which uses the execvpe() method.

http://python.org/sf/590294
http://python.org/sf/601077
2002-10-08 02:52:25 +00:00
..
patch-configure_in fixes for shared lib support 2002-05-12 01:05:49 +00:00
patch-Lib_os_py Fix security issue with Python 2.1/2.2 2002-10-08 02:52:25 +00:00
patch-Lib_tempfile_py - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-Lib_test_test_fcntl_py - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-Makefile_pre_in Python 2.1.2 and Python 2.2. 2002-02-15 19:42:18 +00:00
patch-Modules__localemodule_c - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-Modules_Setup_dist Fix security issue with Python 2.1/2.2 2002-10-08 02:52:25 +00:00
patch-Objects_abstract_c - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-Objects_stringobject_c - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-Python_getargs_c - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-Python_modsupport_c - 2.2 -> 2.2.1 2002-05-11 21:35:13 +00:00
patch-setup_py Fix security issue with Python 2.1/2.2 2002-10-08 02:52:25 +00:00