[Secure-testing-commits] r31347 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jan 14 20:52:10 UTC 2015


Author: carnil
Date: 2015-01-14 20:52:09 +0000 (Wed, 14 Jan 2015)
New Revision: 31347

Modified:
   data/CVE/list
Log:
Add new python-django issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-01-14 19:13:34 UTC (rev 31346)
+++ data/CVE/list	2015-01-14 20:52:09 UTC (rev 31347)
@@ -3772,14 +3772,22 @@
 	RESERVED
 CVE-2015-0223
 	RESERVED
-CVE-2015-0222
+CVE-2015-0222 [Database denial-of-service with ModelMultipleChoiceField]
 	RESERVED
-CVE-2015-0221
+	- python-django <unfixed>
+	NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0221 [Denial-of-service attack against django.views.static.serve]
 	RESERVED
-CVE-2015-0220
+	- python-django <unfixed>
+	NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0220 [Mitigated possible XSS attack via user-supplied redirect URLs]
 	RESERVED
-CVE-2015-0219
+	- python-django <unfixed>
+	NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
+CVE-2015-0219 [WSGI header spoofing via underscore/dash conflation]
 	RESERVED
+	- python-django <unfixed>
+	NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
 CVE-2015-0218
 	RESERVED
 CVE-2015-0217




More information about the Secure-testing-commits mailing list