[Secure-testing-commits] r28396 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 21 04:06:36 UTC 2014
Author: carnil
Date: 2014-08-21 04:06:21 +0000 (Thu, 21 Aug 2014)
New Revision: 28396
Modified:
data/CVE/list
Log:
Add CVEs for python-django, now public, already fixed in unstable, thanks lfarone
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-08-21 04:04:52 UTC (rev 28395)
+++ data/CVE/list 2014-08-21 04:06:21 UTC (rev 28396)
@@ -12156,14 +12156,18 @@
RESERVED
CVE-2014-0484
RESERVED
-CVE-2014-0483
+CVE-2014-0483 [data leakage via querystring manipulation in admin]
RESERVED
-CVE-2014-0482
+ - python-django 1.6.6-1
+CVE-2014-0482 [RemoteUserMiddleware session hijacking]
RESERVED
-CVE-2014-0481
+ - python-django 1.6.6-1
+CVE-2014-0481 [file upload denial of service]
RESERVED
-CVE-2014-0480
+ - python-django 1.6.6-1
+CVE-2014-0480 reverse() can generate URLs pointing to other hosts]
RESERVED
+ - python-django 1.6.6-1
CVE-2014-0479 (reportbug before 6.4.4+deb7u1 and 6.5.x before 6.5.0+nmu1 allows ...)
{DSA-2997-1}
- reportbug 6.5.0+nmu1
More information about the Secure-testing-commits
mailing list