Gentoo Security Advisory GLSA 200807-16 (python) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200807-16.

Solution

All Python 2.4 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/python-2.4.4-r14' All Python 2.5 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/python-2.5.2-r6' Please note that Python 2.3 is masked since June 24, and we will not be releasing updates to it. It will be removed from the tree in the near future. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200807-16 http://bugs.gentoo.org/show_bug.cgi?id=230640 http://bugs.gentoo.org/show_bug.cgi?id=232137

Insight

Multiple vulnerabilities in Python may allow for the execution of arbitrary code.

Severity

Classification

CVE CVE-2008-2315, CVE-2008-2316, CVE-2008-3142, CVE-2008-3143, CVE-2008-3144

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200403-13 (mplayer)
Gentoo Security Advisory GLSA 200404-08 (automake)
Gentoo Security Advisory GLSA 200401-04 (GAIM)
Gentoo Security Advisory GLSA 200406-22 (Pavuk)
Gentoo Security Advisory GLSA 200405-25 (tla)

Take action and discover your vulnerabilities