Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
29cd29ca by Chris Lamb at 2019-12-03T20:26:44Z
Triage CVE-2019-19118 in python-django for jessie LTS.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1544,6 +1544,7 @@ CVE-2019-19118 (Django 2.1 before 2.1.15 and 2.2 before
2.2.8 allows unintended
- python-django 2:2.2.8-1 (bug #946011)
[buster] - python-django <not-affected> (Vulnerable code introduced
later)
[stretch] - python-django <not-affected> (Vulnerable code introduced
later)
+ [jessie] - python-django <not-affected> (Vulnerable code introduced
later)
NOTE:
https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
NOTE: Introduced after
https://github.com/django/django/commit/825f0beda804e48e9197fcf3b0d909f9f548aa47
(2.1a1)
NOTE:
https://github.com/django/django/commit/11c5e0609bcc0db93809de2a08e0dc3d70b393e4
(master)
=====================================
data/dla-needed.txt
=====================================
@@ -109,8 +109,6 @@ php-horde-trean (Roberto C. Sánchez)
NOTE: 20191126: Corresponding with security team regarding CVE assignments.
(roberto)
NOTE: 20191203: Pinged upstream and MITRE regarding correctness of CVE
assignments. (roberto)
--
-python-django (Chris Lamb)
---
python-oslo.utils
NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/29cd29caabf22ce380e8330ff1c88dcd0a1be6ff
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/29cd29caabf22ce380e8330ff1c88dcd0a1be6ff
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
