[Secure-testing-commits] r35516 - in data: . CVE
Ben Hutchings
benh at moszumanska.debian.org
Thu Jul 16 18:30:30 UTC 2015
Author: benh
Date: 2015-07-16 18:30:30 +0000 (Thu, 16 Jul 2015)
New Revision: 35516
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Mark recent issues fixed in python-django/squeeze-lts and remove from dla-needed
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-16 18:13:09 UTC (rev 35515)
+++ data/CVE/list 2015-07-16 18:30:30 UTC (rev 35516)
@@ -866,12 +866,12 @@
- python-django <not-affected> (Vulnerable code not present)
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
CVE-2015-5144 (Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and ...)
- {DSA-3305-1}
+ {DSA-3305-1 DLA-272-1}
- python-django 1.7.9-1
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5144 has split out patches
CVE-2015-5143 (The session backends in Django before 1.4.21, 1.5.x through 1.6.x, ...)
- {DSA-3305-1}
+ {DSA-3305-1 DLA-272-1}
- python-django 1.7.9-1
NOTE: https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
CVE-2015-5142
@@ -8634,7 +8634,7 @@
CVE-2015-2321
RESERVED
CVE-2015-2317 (The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, ...)
- {DSA-3204-1}
+ {DSA-3204-1 DLA-272-1}
- python-django 1.7.7-1 (bug #780873)
[squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)
NOTE: https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b (1.4.x)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2015-07-16 18:13:09 UTC (rev 35515)
+++ data/dla-needed.txt 2015-07-16 18:30:30 UTC (rev 35516)
@@ -72,8 +72,6 @@
--
pound (Guido Günther)
--
-python-django
---
quassel
--
roundup (Thorsten Alteholz)
More information about the Secure-testing-commits
mailing list