python: backport security fix for CVE-2014-1912.

A vulnerability was reported [1] in Python's socket module, due to a
boundary error within the sock_recvfrom_into() function, which could be
exploited to cause a buffer overflow.

This could be used to crash a Python application that uses the
socket.recvfrom_info() function or, possibly, execute arbitrary code
with the permissions of the user running vulnerable Python code.

This vulnerable function, socket.recvfrom_into(), was introduced in
Python 2.5. Earlier versions are not affected by this flaw nor is Python
3.3.4 which is already in Homebrew.

[1] http://bugs.python.org/issue20246

Closes #27194.

Signed-off-by: Mike McQuaid <mike@mikemcquaid.com>

0 files changed, 0 insertions, 0 deletions