[Secure-testing-commits] r31347 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 14 20:52:10 UTC 2015
Author: carnil
Date: 2015-01-14 20:52:09 +0000 (Wed, 14 Jan 2015)
New Revision: 31347
Modified:
data/CVE/list
Log:
Add new python-django issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-14 19:13:34 UTC (rev 31346)
+++ data/CVE/list 2015-01-14 20:52:09 UTC (rev 31347)
@@ -3772,14 +3772,22 @@
RESERVED
CVE-2015-0223
RESERVED
-CVE-2015-0222
+CVE-2015-0222 [Database denial-of-service with ModelMultipleChoiceField]
RESERVED
-CVE-2015-0221
+ - python-django <unfixed>
+ NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0221 [Denial-of-service attack against django.views.static.serve]
RESERVED
-CVE-2015-0220
+ - python-django <unfixed>
+ NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0220 [Mitigated possible XSS attack via user-supplied redirect URLs]
RESERVED
-CVE-2015-0219
+ - python-django <unfixed>
+ NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0219 [WSGI header spoofing via underscore/dash conflation]
RESERVED
+ - python-django <unfixed>
+ NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
CVE-2015-0218
RESERVED
CVE-2015-0217
More information about the Secure-testing-commits
mailing list