CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
Date published : 2008-08-01
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html