Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
72973843 by Abhijith PA at 2019-12-20T08:37:23Z
jessie and stretch are not affected. strutils.py in oslo.utils is
doing its job but code changed to rewrite pattern which in turn
used for another module mistral-lib. Mistral-lib is absent in
jessie and stretch.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -52748,6 +52748,8 @@ CVE-2019-3867
NOT-FOR-US: OpenShift (web-cosnole issue specific to OpenShift only)
CVE-2019-3866 (An information-exposure vulnerability was discovered where
openstack-m ...)
- python-oslo.utils <unfixed> (low; bug #946060)
+ [jessie] - python-oslo.utils <not-affected> (regex pattern rewrite)
+ [stretch] - python-oslo.utils <not-affected> (regex pattern rewrite)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1768731
NOTE: https://bugs.launchpad.net/tripleo/+bug/1850843
NOTE:
https://opendev.org/openstack/oslo.utils/commit/b41268417cecb12d1d5955ee3107067edf050221
=====================================
data/dla-needed.txt
=====================================
@@ -73,9 +73,6 @@ otrs2 (Abhijith PA)
--
php5 (Thorsten Alteholz)
--
-python-oslo.utils (Abhijith PA)
- NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102)
---
python-reportlab (Hugo Lefeuvre)
NOTE: 20191209: still no upstream fix
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/72973843a30b38ef2e24c9d706308f135aed8580
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/72973843a30b38ef2e24c9d706308f135aed8580
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
