JSON module: reading arbitrary process memory

Bug #1333396 reported by Gert van Dijk
Affects              Status        Importance  Assigned to  Milestone
Python               Fix Released  Unknown
python2.6 (Ubuntu)   Invalid       Undecided   Unassigned
  Lucid              Won't Fix     Undecided   Unassigned
python2.7 (Debian)   Fix Released  Unknown
python2.7 (Ubuntu)   Fix Released  Undecided   Unassigned
  Precise            Won't Fix     Undecided   Unassigned
  Saucy              Won't Fix     Undecided   Unassigned
  Trusty             Triaged       Undecided   Unassigned
  Utopic             Fix Released  Undecided   Unassigned
python3.2 (Ubuntu)   Invalid       Undecided   Unassigned
  Precise            Won't Fix     Undecided   Unassigned
python3.3 (Ubuntu)   Triaged       Undecided   Unassigned
  Saucy              Won't Fix     Undecided   Unassigned
python3.4 (Ubuntu)   Fix Released  Undecided   Unassigned
  Trusty             Triaged       Undecided   Unassigned
  Utopic             Fix Released  Undecided   Unassigned

Bug Description

As reported upstream, the JSON module of Python is vulnerable to reading arbitrary process memory. Please apply the patch as included in the upstream bug report: http://bugs.python.org/issue21529

CVE-2014-4616 is assigned:
https://security-tracker.debian.org/tracker/CVE-2014-4616

The patch is applied upstream in 2.7.7, so this only applies to current Ubuntu releases.

information type: Private Security → Public Security
Changed in python2.7 (Debian):
status: Unknown → New
Changed in python:
status: Unknown → Fix Released
description: updated
no longer affects: python3.4 (Ubuntu Saucy)
no longer affects: python3.4 (Ubuntu Precise)
no longer affects: python3.4 (Ubuntu Lucid)
no longer affects: python3.3 (Ubuntu Utopic)
no longer affects: python3.3 (Ubuntu Trusty)
no longer affects: python3.3 (Ubuntu Precise)
no longer affects: python3.3 (Ubuntu Lucid)
no longer affects: python3.2 (Ubuntu Utopic)
no longer affects: python3.2 (Ubuntu Trusty)
no longer affects: python3.2 (Ubuntu Saucy)
no longer affects: python3.2 (Ubuntu Lucid)
no longer affects: python2.7 (Ubuntu Lucid)
no longer affects: python2.6 (Ubuntu Precise)
no longer affects: python2.6 (Ubuntu Saucy)
no longer affects: python2.6 (Ubuntu Trusty)
no longer affects: python2.6 (Ubuntu Utopic)
Changed in python2.6 (Ubuntu Lucid):
status: New → Triaged
Changed in python2.7 (Ubuntu Precise):
status: New → Triaged
Changed in python2.7 (Ubuntu Saucy):
status: New → Triaged
Changed in python2.7 (Ubuntu Trusty):
status: New → Triaged
Changed in python3.2 (Ubuntu Precise):
status: New → Triaged
Changed in python3.3 (Ubuntu Saucy):
status: New → Triaged
Changed in python3.4 (Ubuntu Trusty):
status: New → Triaged
Changed in python2.7 (Ubuntu Utopic):
status: New → Fix Released
Changed in python3.4 (Ubuntu Utopic):
status: New → Fix Released
Jamie Strandboge (jdstrand) wrote :

Thank you for reporting this issue. It has been entered into our CVE tracker and we will supply an update as part of our normal update process.

Changed in python2.6 (Ubuntu):
status: New → Invalid
Changed in python3.2 (Ubuntu):
status: New → Invalid
Changed in python3.3 (Ubuntu):
status: New → Triaged
Rolf Leggewie (r0lf) wrote :

saucy has seen the end of its life and is no longer receiving any updates. Marking the saucy task for this ticket as "Won't Fix".

Changed in python2.7 (Ubuntu Saucy):
status: Triaged → Won't Fix
Changed in python3.3 (Ubuntu Saucy):
status: Triaged → Won't Fix
Rolf Leggewie (r0lf) wrote :

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".

Changed in python2.6 (Ubuntu Lucid):
status: Triaged → Won't Fix
Changed in python2.7 (Debian):
status: New → Fix Released
Steve Langasek (vorlon) wrote :

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release.

Changed in python2.7 (Ubuntu Precise):
status: Triaged → Won't Fix
Changed in python3.2 (Ubuntu Precise):
status: Triaged → Won't Fix