FreeBSD Ports: python24

The remote host is missing an update to the system as announced in the referenced advisory.

The following packages are affected: python24 python25 python23 CVE-2008-2315 Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule modules. CVE-2008-2316 Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to 'partial hashlib hashing of data exceeding 4GB.' CVE-2008-3142 Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. CVE-2008-3144 Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of certain integer values is also affected by related integer underflows and an off-by-one error.

Update your system with the appropriate patches or software upgrades. http://bugs.python.org/issue2620 http://bugs.python.org/issue2588 http://bugs.python.org/issue2589 http://secunia.com/advisories/31305 http://mail.python.org/pipermail/python-checkins/2008-July/072276.html http://mail.python.org/pipermail/python-checkins/2008-July/072174.html http://mail.python.org/pipermail/python-checkins/2008-June/070481.html http://www.vuxml.org/freebsd/0dccaa28-7f3c-11dd-8de5-0030843d3802.html