[Secure-testing-commits] r33080 - data/CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Mon Mar 23 15:03:52 UTC 2015
Author: hertzog
Date: 2015-03-23 15:03:48 +0000 (Mon, 23 Mar 2015)
New Revision: 33080
Modified:
data/CVE/list
Log:
Mark CVE-2015-2317 as no-dsa for python-django/squeeze
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-23 15:02:32 UTC (rev 33079)
+++ data/CVE/list 2015-03-23 15:03:48 UTC (rev 33080)
@@ -95,6 +95,7 @@
CVE-2015-2317 [Mitigated possible XSS attack via user-supplied redirect URLs]
RESERVED
- python-django <unfixed> (bug #780873)
+ [squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)
NOTE: https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b (1.4.x)
NOTE: https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1 (1.7.x)
CVE-2015-2316 [Denial-of-service possibility with strip_tags()]
More information about the Secure-testing-commits
mailing list