[Stackless] Stackless to address multiple buffer overflow vulnerability?
gwhulbert at eol.ca
Fri Aug 15 22:11:09 CEST 2008
On Fri, 2008-15-08 at 16:02 -0400, Guy Hulbert wrote:
> Nope. I read the link you posted:
At the end it says:
Python Software Foundation Python 2.5.2 r6
Python Software Foundation Python 2.4.4 r14
This is particularly misleading. The implication is that there are
fixes available at python.org but the "r6" and "r14" references come
from the gentoo bug-tracking system.
As far as I can tell, python.org has no "r#" patch releases.
In answer to your original question. In most cases stackless has the
same vulnerabilities as python itself (since the sources are mostly the
same). If you want the "Not Vulnerable" versions, I think you'd need to
build Stackless from the gentoo sources.
More information about the Stackless