Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cdfff1db by Chris Lamb at 2019-02-11T18:17:57Z
Upstream re-released python-django for CVE-2019-6975 after files were missing.
- - - - -
278aff5e by Chris Lamb at 2019-02-11T18:18:35Z
Triage CVE-2019-6975 in python-django for jessie LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1904,7 +1904,8 @@ CVE-2019-6976 (libvips before 8.7.4 writes to
uninitialized memory locations in
NOTE:
https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
CVE-2019-6975 [Memory exhaustion in django.utils.numberformat.format()]
- python-django <unfixed> (bug #922027)
- NOTE: Upstream may re-release
https://code.djangoproject.com/ticket/30175
+ [jessie] - <not-affected> python-django (Vulnerable code not present)
+ NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
NOTE:
https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
NOTE:
https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227
(1.11 branch)
CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/2b8ac03e6ba8b3d3b3a35d5c57faeb07f280597d...278aff5ef33ffcf3ddb0847ad77857f5b13512a7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/2b8ac03e6ba8b3d3b3a35d5c57faeb07f280597d...278aff5ef33ffcf3ddb0847ad77857f5b13512a7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
