Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2587ffa by Salvatore Bonaccorso at 2019-12-02T15:00:44Z
Add CVE-2019-19118/python-django
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1277,8 +1277,14 @@ CVE-2019-19120
RESERVED
CVE-2019-19119
RESERVED
-CVE-2019-19118
- RESERVED
+CVE-2019-19118 [Privilege escalation in the Django admin]
+ RESERVED
+ - python-django 2:2.2.8-1
+ NOTE:
https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
+ NOTE:
https://github.com/django/django/commit/11c5e0609bcc0db93809de2a08e0dc3d70b393e4
(master)
+ NOTE:
https://github.com/django/django/commit/092cd66cf3c3e175acce698d6ca2012068d878fa
(3.0 branch)
+ NOTE:
https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21
(2.2 branch)
+ NOTE:
https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244
(2.1 branch)
CVE-2019-19117 (/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM
K2(PSG12 ...)
NOT-FOR-US: PHICOMM K2(PSG1218) devices
CVE-2019-19116
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e2587ffa2501a20aa9dee8a3fcdb114eb30e4a45
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e2587ffa2501a20aa9dee8a3fcdb114eb30e4a45
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
