[Secure-testing-commits] r23322 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Thu Aug 15 05:46:20 UTC 2013


Author: carnil
Date: 2013-08-15 05:46:20 +0000 (Thu, 15 Aug 2013)
New Revision: 23322

Modified:
   data/CVE/list
Log:
one CVE for python-django asigned

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-15 05:44:38 UTC (rev 23321)
+++ data/CVE/list	2013-08-15 05:46:20 UTC (rev 23322)
@@ -20,8 +20,6 @@
 	- cakephp <not-affected> (AssetDispatcher not present in 1.3)
 	NOTE: http://bakery.cakephp.org/articles/markstory/2013/07/18/cakephp_2_3_8_2_2_9_released
 	NOTE: http://seclists.org/bugtraq/2013/Aug/97
-CVE-2013-XXXX [django Cross-site scripting (XSS) in admin interface]
-	- python-django 1.5.2-1
 CVE-2013-XXXX [django ossible XSS via is_safe_url]
 	- python-django 1.5.2-1
 CVE-2013-5110
@@ -1890,8 +1888,9 @@
 CVE-2013-4250 [Vulnerable subcomponent: Backend File Upload / File Abstraction Layer]
 	RESERVED
 	- typo3 <not-affected> (All versions from 6.0.0 up to the development branch of 6.2)
-CVE-2013-4249
+CVE-2013-4249 [django Cross-site scripting (XSS) in admin interface]
 	RESERVED
+	- python-django 1.5.2-1
 CVE-2013-4248 [php invalid handling of certs with null bytes]
 	RESERVED
 	- php5 <unfixed> (bug #719765)




More information about the Secure-testing-commits mailing list