Author: bam Date: 2016-11-07 21:59:46 +0000 (Mon, 07 Nov 2016) New Revision: 46053
Modified: data/CVE/list Log: CVE-2016-9013 not worth fixing in Wheezy - is not?\194?\160triggered by normal usage, and cannot be triggered by a malicious user. - is documented, and can be overridden: <https://sources.debian.net/src/python-django/1.4.5-1%2Bdeb7u16/docs/ref/settings.txt/#L669> Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-11-07 21:31:52 UTC (rev 46052) +++ data/CVE/list 2016-11-07 21:59:46 UTC (rev 46053) @@ -615,6 +615,7 @@ RESERVED - python-django <unfixed> (bug #842856) [jessie] - python-django <no-dsa> (Minor issue; can be updated via point release) + [wheezy] - python-django <no-dsa> (Minor issue; specific to Oracle) NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ NOTE: https://github.com/django/django/commit/da7910d4834726eca596af0a830762fa5fb2dfd9 CVE-2016-9012 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
