[Bug 755383] New: VUL-0: python: hash collision DoS
https://bugzilla.novell.com/show_bug.cgi?id=755383 https://bugzilla.novell.com/show_bug.cgi?id=755383#c0 Summary: VUL-0: python: hash collision DoS Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: Other OS/Version: Other Status: ASSIGNED Severity: Normal Priority: P5 - None Component: Other AssignedTo: jmatejek@suse.com ReportedBy: mvyskocil@suse.com QAContact: security-team@suse.de CC: lnussel@suse.com, security-team@suse.de Depends on: 751718 Found By: Other Blocker: --- +++ This bug was initially created as a clone of Bug #751718 +++ Your friendly security team received the following report via oss-security. Please respond ASAP. The issue is public. CVE-2012-1150 python dictionaries are prone to hash table collision attacks. Web services for example might store parameters of a GET or POST request in a dictionary. An attacker may use this to cause high CPU load http://bugs.python.org/issue13703 http://seclists.org/fulldisclosure/2011/Dec/477 http://www.ocert.org/advisories/ocert-2011-003.html https://bugzilla.redhat.com/show_bug.cgi?id=750555 --------------------------- This one is for python3 for openSUSE 12.1 only. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=755383
https://bugzilla.novell.com/show_bug.cgi?id=755383#c
Michal Vyskocil
https://bugzilla.novell.com/show_bug.cgi?id=755383
https://bugzilla.novell.com/show_bug.cgi?id=755383#c1
Jan Matejek
https://bugzilla.novell.com/show_bug.cgi?id=755383
https://bugzilla.novell.com/show_bug.cgi?id=755383#c
Swamp Workflow Management
https://bugzilla.novell.com/show_bug.cgi?id=755383 https://bugzilla.novell.com/show_bug.cgi?id=755383#c Bug 755383 depends on bug 751718, which changed state. Bug 751718 Summary: VUL-0: python: hash collision DoS http://bugzilla.novell.com/show_bug.cgi?id=751718 What |Old Value |New Value ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=755383
https://bugzilla.novell.com/show_bug.cgi?id=755383#c2
Ludwig Nussel
http://bugzilla.novell.com/show_bug.cgi?id=755383
SMASH SMASH
http://bugzilla.novell.com/show_bug.cgi?id=755383
Swamp Workflow Management
participants (1)
-
bugzilla_noreply@novell.com