[Secure-testing-commits] r31349 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 14 21:08:20 UTC 2015
Author: carnil
Date: 2015-01-14 21:08:20 +0000 (Wed, 14 Jan 2015)
New Revision: 31349
Modified:
data/CVE/list
Log:
Add bug references for python-django vulnerabilities
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-14 20:52:41 UTC (rev 31348)
+++ data/CVE/list 2015-01-14 21:08:20 UTC (rev 31349)
@@ -3774,19 +3774,20 @@
RESERVED
CVE-2015-0222 [Database denial-of-service with ModelMultipleChoiceField]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #775375)
+ [wheezy] - python-django <not-affected> (1.4.x not affected)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
CVE-2015-0221 [Denial-of-service attack against django.views.static.serve]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
CVE-2015-0220 [Mitigated possible XSS attack via user-supplied redirect URLs]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
CVE-2015-0219 [WSGI header spoofing via underscore/dash conflation]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #775375)
NOTE: https://www.djangoproject.com/weblog/2015/jan/13/security/
CVE-2015-0218
RESERVED
More information about the Secure-testing-commits
mailing list