Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
79511227 by Salvatore Bonaccorso at 2019-02-11T15:00:50Z
Remove bogus fixed version for CVE-2019-6975
- - - - -
37b220a1 by Salvatore Bonaccorso at 2019-02-11T15:02:36Z
Add upstream references for CVE-2019-6975/python-django
- - - - -
20f68533 by Salvatore Bonaccorso at 2019-02-11T15:03:53Z
CVE-2019-6975: Put description in []-brackets
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1896,9 +1896,11 @@ CVE-2019-6976 (libvips before 8.7.4 writes to
uninitialized memory locations in
- vips 8.7.4-1
[jessie] - vips <ignored> (Minor Issue)
NOTE:
https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
-CVE-2019-6975 (Memory exhaustion in django.utils.numberformat.format())
- - python-django 1:1.10.7-2+deb9u3 (bug #922027)
+CVE-2019-6975 [Memory exhaustion in django.utils.numberformat.format()]
+ - python-django <unfixed> (bug #922027)
NOTE: Upstream may re-release
https://code.djangoproject.com/ticket/30175
+ NOTE:
https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
+ NOTE:
https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227
(1.11 branch)
CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]
RESERVED
- linux <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/0bad37ec8a8c5608bb9fe82bd22e10cc0d89d8b4...20f68533287a10b3bd2ecf3187372640b6f1b7d2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/0bad37ec8a8c5608bb9fe82bd22e10cc0d89d8b4...20f68533287a10b3bd2ecf3187372640b6f1b7d2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
