[Stackless] Stackless to address multiple buffer overflow vulnerability?

Richard Tew richard.m.tew at gmail.com
Sun Aug 24 00:03:49 CEST 2008


On Fri, Aug 15, 2008 at 10:51 AM, David E. Sallis <David.Sallis at noaa.gov> wrote:
> Recently a multiple buffer overflow vulnerability advisory was posted for
> all versions of Python except 2.5.2-r6 and 2.4.4-r14 (see
> http://www.securityfocus.com/bid/30491).
>
> Is Stackless being patched to address these vulnerabilities?  I'm currently
> using Stackless 2.4.3 but could probably upgrade to 2.5.2.  Which give rise
> to another question:  is Stackless 2.5.2 vulnerable?

In case it wasn't mentioned, Kristjan kindly merged in the latest
changes for the 2.5,
2.6 and 3000 branches this last week.  There are some bugs remaining I believe.

Cheers,
Richard.




More information about the Stackless mailing list