[Fwd: [SECURITY] [DSA 817-1] New python2.2 packages fix arbitrary code execution]

Michal Jaegermann michal at harddata.com
Sat Sep 24 20:42:54 UTC 2005


On Sat, Sep 24, 2005 at 03:15:15PM -0400, Jim Popovitch wrote:
> Michal Jaegermann wrote:
> > On Sat, Sep 24, 2005 at 10:23:00AM -0400, Jim Popovitch wrote:
> > 
> >>Michal Jaegermann wrote:
> >>
> >>>It is hard to imagine that somebody
> >>>quietly fixed such hole in Python packages for Red Hat distributions
> >>>and did not mention that anybody.  
> >>
> >>Wouldn't this count:
> >>   http://rhn.redhat.com/errata/RHSA-2005-761.html
> > 
> > 
> > Count to what?  
> 
> Count towards showing that RH had indeed released fixes.  Isn't that 
> what you were stating above, that you hadn't seen any releases for RH yet?

Sigh!  The above is about pcre itself and we are talking here about
a code embedded in Python.  Unfortunately this is an independet,
although related, issue.  There are now bugzilla numbers for that
(#166335 and #168318) but AFAICS no releases so far.

Would you like, please, to write a corresponding bugzilla entry for
Legacy packages or we should ask David for that?  It appears that he
already collected all data.

   Michal




More information about the fedora-legacy-list mailing list