[Secure-testing-commits] r22384 - data/CVE
Micah Anderson
micah at alioth.debian.org
Tue May 28 17:15:35 UTC 2013
Author: micah
Date: 2013-05-28 17:15:35 +0000 (Tue, 28 May 2013)
New Revision: 22384
Modified:
data/CVE/list
Log:
add versions and bugs to python-pip and python-virtualenv
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-05-28 12:05:12 UTC (rev 22383)
+++ data/CVE/list 2013-05-28 17:15:35 UTC (rev 22384)
@@ -5051,6 +5051,10 @@
RESERVED
CVE-2013-1629
RESERVED
+ - python-pip <unfixed> (medium; bug #710163)
+ - python-virtualenv 1.9.1-1 (medium; bug #710164)
+ NOTE: this CVE is reserved, but it has been leaked in http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/
+ NOTE: python-virtualenv embeds pip
CVE-2013-1628
RESERVED
CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft ...)
More information about the Secure-testing-commits
mailing list