Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7bf5a4b1 by Salvatore Bonaccorso at 2024-04-26T15:51:49+02:00
Update old CVE-2016-7036 and associate it with python-jose
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -499122,7 +499122,8 @@ CVE-2016-7038 (In Moodle 2.x and 3.x, web service
tokens are not invalidated whe
CVE-2016-7037 (The verify function in Encryption/Symmetric.php in Malcolm Fell
jwt be ...)
NOT-FOR-US: Malcolm Fell jwt
CVE-2016-7036 (python-jose before 1.3.2 allows attackers to have unspecified
impact b ...)
- NOT-FOR-US: Python jose
+ - python-jose <not-affected> (Fixed before initial upload to Debian)
+ NOTE:
https://github.com/mpdavis/python-jose/commit/89b46353b9f611e9da38de3d2fedf52331167b93
(1.3.2)
CVE-2016-7035 (An authorization flaw was found in Pacemaker before 1.1.16,
where it d ...)
- pacemaker 1.1.15-3 (bug #843041)
[wheezy] - pacemaker <not-affected> (Vulnerable code introduced later)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bf5a4b12101ad78c9e908e5cbcb4f7c9dd317f6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7bf5a4b12101ad78c9e908e5cbcb4f7c9dd317f6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
