[Secure-testing-commits] r31347 - data/CVE

Salvatore Bonaccorso Wed, 14 Jan 2015 12:52:38 -0800

Author: carnil
Date: 2015-01-14 20:52:09 +0000 (Wed, 14 Jan 2015)
New Revision: 31347


Modified:
   data/CVE/list
Log:
Add new python-django issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-01-14 19:13:34 UTC (rev 31346)
+++ data/CVE/list       2015-01-14 20:52:09 UTC (rev 31347)
@@ -3772,14 +3772,22 @@
        RESERVED
 CVE-2015-0223
        RESERVED
-CVE-2015-0222
+CVE-2015-0222 [Database denial-of-service with ModelMultipleChoiceField]
        RESERVED
-CVE-2015-0221
+       - python-django <unfixed>
+       NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0221 [Denial-of-service attack against django.views.static.serve]
        RESERVED
-CVE-2015-0220
+       - python-django <unfixed>
+       NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0220 [Mitigated possible XSS attack via user-supplied redirect URLs]
        RESERVED
-CVE-2015-0219
+       - python-django <unfixed>
+       NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0219 [WSGI header spoofing via underscore/dash conflation]
        RESERVED
+       - python-django <unfixed>
+       NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
 CVE-2015-0218
        RESERVED
 CVE-2015-0217


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r31347 - data/CVE

Reply via email to