Package : python2.4 Vulnerability : buffer overflow Problem-Type : local(remote) Debian-specific: no CVE ID : CVE-2006-4980 Debian Bug : 391589
Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
For the stable distribution (sarge) this problem has been fixed in version 2.4.1-2sarge1. Due to build problems this update lacks fixed packages for the m68k architecture. Once they are sorted out, binaries for m68k will be released.
For the unstable distribution (sid) this problem has been fixed in version 2.4.4-1.
We recommend that you upgrade your Python 2.4 packages.
Upgrade Instructions - --------------------
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge - --------------------------------