Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d62f7417 by Salvatore Bonaccorso at 2018-12-25T00:06:31Z
Add CVE-2018-20406/python*
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -67,7 +67,14 @@ CVE-2018-20408 (An issue was discovered in Bento4 1.5.1-627.
There is a memory l
CVE-2018-20407 (An issue was discovered in Bento4 1.5.1-627. There is a memory
leak in ...)
NOT-FOR-US: Bento4
CVE-2018-20406 (Modules/_pickle.c in Python before 3.7.1 has an integer
overflow via a ...)
- TODO: check
+ - python3.7 3.7.0-7
+ - python3.6 3.6.7~rc1-1
+ - python3.5 <removed>
+ - python3.4 <removed>
+ NOTE: https://bugs.python.org/issue34656
+ NOTE:
https://github.com/python/cpython/commit/a4ae828ee416a66d8c7bf5ee71d653c2cc6a26dd
(master)
+ NOTE:
https://github.com/python/cpython/commit/ef4306b24c9034d6b37bb034e2ebe82e745d4b77
(3.7)
+ NOTE:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
(3.6)
CVE-2018-20405 (BigTree 4.3 allows full path disclosure via authenticated
admin/news/ ...)
NOT-FOR-US: BigTree CMS
CVE-2018-20404
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d62f74174ccef8dc347971012071e2e18483fac8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/d62f74174ccef8dc347971012071e2e18483fac8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
