[Secure-testing-commits] r23540 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Wed Sep 4 05:05:54 UTC 2013


Author: jmm
Date: 2013-09-04 05:05:54 +0000 (Wed, 04 Sep 2013)
New Revision: 23540

Modified:
   data/CVE/list
Log:
pip fixed in sid, n/a in squeeze


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-09-03 21:23:30 UTC (rev 23539)
+++ data/CVE/list	2013-09-04 05:05:54 UTC (rev 23540)
@@ -1131,8 +1131,10 @@
 	RESERVED
 CVE-2013-5123 [insecure mirroring]
 	RESERVED
-	- python-pip <unfixed>
-	TODO: check, affected should be 0.8.1 onwards
+	- python-pip 1.4.1-1 (unimportant)
+	[squeeze] - python-pip <not-affected> (Support for mirroring introduced in 0.8.1)
+	NOTE: This is additional hardening / security feature, not a vulnerabily (despite
+	NOTE: the discussion on oss-sec)
 CVE-2013-5122
 	RESERVED
 CVE-2013-5121 (SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows ...)




More information about the Secure-testing-commits mailing list