[Secure-testing-commits] r23396 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Thu Aug 22 16:56:55 UTC 2013


Author: carnil
Date: 2013-08-22 16:56:54 +0000 (Thu, 22 Aug 2013)
New Revision: 23396

Modified:
   data/CVE/list
Log:
update status for CVE-2013-4249

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-08-22 12:17:39 UTC (rev 23395)
+++ data/CVE/list	2013-08-22 16:56:54 UTC (rev 23396)
@@ -2389,6 +2389,9 @@
 CVE-2013-4249 [django Cross-site scripting (XSS) in admin interface]
 	RESERVED
 	- python-django 1.5.2-1
+	[wheezy] - python-django <not-affected> (1.4.x not affected)
+	[squeeze] - python-django <not-affected> (1.2.x not affected)
+	NOTE: problem introduced with https://github.com/django/django/commit/ac2052ebc84c45709ab5f0f25e685bf656ce79bc
 CVE-2013-4248 (The openssl_x509_parse function in openssl.c in the OpenSSL module in ...)
 	- php5 <unfixed> (bug #719765)
 CVE-2013-4247 [linux: cifs: off-by-one bug in build_unc_path_to_root]




More information about the Secure-testing-commits mailing list