[Git][security-tracker-team/security-tracker][master] Reference first half of fix for CVE-2024-53981/python-multipart

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
106829fd by Salvatore Bonaccorso at 2024-12-03T22:24:01+01:00
Reference first half of fix for CVE-2024-53981/python-multipart

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -211,7 +211,8 @@ CVE-2024-53984 (Nanopb is a small code-size Protocol 
Buffers implementation.  Wh
 CVE-2024-53981 (python-multipart is a streaming multipart parser for Python. 
When pars ...)
        - python-multipart <unfixed> (bug #1088991)
        NOTE: 
https://github.com/Kludex/python-multipart/security/advisories/GHSA-59g5-xgcq-4qw3
-       NOTE: 
https://github.com/Kludex/python-multipart/commit/c4fe4d3cebc08c660e57dd709af1ffa7059b3177
 (0.0.19)
+       NOTE: Fixed by: 
https://github.com/Kludex/python-multipart/commit/9205a0ec8c646b9f705430a6bfb52bd957b76c19
 (0.0.18)
+       NOTE: Fixed by: 
https://github.com/Kludex/python-multipart/commit/c4fe4d3cebc08c660e57dd709af1ffa7059b3177
 (0.0.19)
 CVE-2024-53900 (Mongoose before 8.8.3 can improperly use $where in match.)
        TODO: check
 CVE-2024-53862 (Argo Workflows is an open source container-native workflow 
engine for  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/106829fd0aacab901a24c16c9fddfb5656e88c50

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/106829fd0aacab901a24c16c9fddfb5656e88c50
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits