Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 29cd29ca by Chris Lamb at 2019-12-03T20:26:44Z Triage CVE-2019-19118 in python-django for jessie LTS. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -1544,6 +1544,7 @@ CVE-2019-19118 (Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended - python-django 2:2.2.8-1 (bug #946011) [buster] - python-django <not-affected> (Vulnerable code introduced later) [stretch] - python-django <not-affected> (Vulnerable code introduced later) + [jessie] - python-django <not-affected> (Vulnerable code introduced later) NOTE: https://www.djangoproject.com/weblog/2019/dec/02/security-releases/ NOTE: Introduced after https://github.com/django/django/commit/825f0beda804e48e9197fcf3b0d909f9f548aa47 (2.1a1) NOTE: https://github.com/django/django/commit/11c5e0609bcc0db93809de2a08e0dc3d70b393e4 (master) ===================================== data/dla-needed.txt ===================================== @@ -109,8 +109,6 @@ php-horde-trean (Roberto C. Sánchez) NOTE: 20191126: Corresponding with security team regarding CVE assignments. (roberto) NOTE: 20191203: Pinged upstream and MITRE regarding correctness of CVE assignments. (roberto) -- -python-django (Chris Lamb) --- python-oslo.utils NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/29cd29caabf22ce380e8330ff1c88dcd0a1be6ff -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/29cd29caabf22ce380e8330ff1c88dcd0a1be6ff You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits