[Git][security-tracker-team/security-tracker][master] 2 commits: Track embedded copies of python-py

Sun, 28 Feb 2021 02:08:55 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
67ad7255 by Salvatore Bonaccorso at 2021-02-28T11:07:20+01:00
Track embedded copies of python-py

- - - - -
e605fc53 by Salvatore Bonaccorso at 2021-02-28T11:07:51+01:00
Mark pypy and pypy3 as unimportant for CVE-2020-29651

Source-wise affected but the svnwc.py does not seem to be part of the
binary packages produced as is an embedded copy of python-py.

- - - - -


2 changed files:

- data/CVE/list
- data/embedded-code-copies


Changes:

=====================================
data/CVE/list
=====================================
@@ -21527,9 +21527,8 @@ CVE-2020-29651 (A denial of service via regular 
expression in the py.path.svnwc
        - python-py 1.10.0-1
        [buster] - python-py <no-dsa> (Minor issue)
        [stretch] - python-py <postponed> (Minor issue)
-       - pypy <unfixed>
-       [stretch] - pypy <postponed> (Minor issue)
-       - pypy3 <unfixed>
+       - pypy <unfixed> (unimportant)
+       - pypy3 <unfixed> (unimportant)
        NOTE: https://github.com/pytest-dev/py/issues/256
        NOTE: https://github.com/pytest-dev/py/pull/257
        NOTE: 
https://github.com/pytest-dev/py/commit/4a9017dc6199d2a564b6e4b0aa39d6d8870e4144


=====================================
data/embedded-code-copies
=====================================
@@ -3550,3 +3550,7 @@ libbpf
        - bpfcc 0.17.0+ds-1 (embed)
        - dwarves-dfsg 1.18-1 (embed; bug #979105)
        - v4l-utils <unfixed> (embed; bug #979610)
+
+python-py
+       - pypy <unfixed> (embed)
+       - pypy3 <unfixed> (embed)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/691d8f6853352157ac3eec4840b7d3adcbd92e9d...e605fc53a376d47798ab69016b345ac455e7ca76

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/691d8f6853352157ac3eec4840b7d3adcbd92e9d...e605fc53a376d47798ab69016b345ac455e7ca76
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to