Mail archive
acf

[Acf] bug in python

From: Natanael Copa <natanael.copa_at_gmail.com>
Date: Wed, 18 Oct 2006 10:56:04 +0200

There is a bug in python:

Synopsis
========

A buffer overflow in Python's "repr()" function can be exploited to
cause a Denial of Service and potentially allows the execution of
arbitrary code.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980

We are not affected by this itself, but it is a reminder to us that it
is possible that there are bugs in lua. Then it does not help that *our*
code is bugfree.

I'm trying to say that it is desireable to get the model over to a
separate process and run the rest with lower permissions. I still don't
know how or when, just that I'd like to have that as a long-term goal.

Natanael Copa
Received on Wed Oct 18 2006 - 10:56:04 GMT