FS#39540 - [python] CVE-2013-7338: ZipExtFile.read - 100% CPU infinite loop on maliciously binary edited zip
Attached to Project:
Arch Linux
Opened by Billy Wayne McCann (bwayne) - Wednesday, 19 March 2014, 15:46 GMT
Last edited by Felix Yan (felixonmars) - Thursday, 20 March 2014, 01:29 GMT
Opened by Billy Wayne McCann (bwayne) - Wednesday, 19 March 2014, 15:46 GMT
Last edited by Felix Yan (felixonmars) - Thursday, 20 March 2014, 01:29 GMT
|
Details
Description:
CVE-2013-7338 ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zip (Issue20078 [0]) Additional info: * package version(s) Python 3.3 & 3.4 Resolution: patch [1] *Note This issue (Issue20078) is not fixed within the Python 3.4.0 release. [2] Therefore marked "Resolution: patch" [0] http://bugs.python.org/issue20078 [1] http://hg.python.org/cpython/rev/79ea4ce431b1 [2] http://docs.python.org/3.4/whatsnew/3.4.html |
This task depends upon
Closed by Felix Yan (felixonmars)
Thursday, 20 March 2014, 01:29 GMT
Reason for closing: Not a bug
Additional comments about closing: Thanks for the report, but the patch is already in 3.4.0.
Thursday, 20 March 2014, 01:29 GMT
Reason for closing: Not a bug
Additional comments about closing: Thanks for the report, but the patch is already in 3.4.0.
http://bugs.python.org/review/download/issue20078_10454.diff
This page may be a better source for what issues are fixed in which version: http://docs.python.org/3.4/whatsnew/changelog.html