[Secure-testing-commits] r33096 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Mar 24 05:27:36 UTC 2015
Author: carnil
Date: 2015-03-24 05:27:30 +0000 (Tue, 24 Mar 2015)
New Revision: 33096
Modified:
data/CVE/list
Log:
Add fixed version for python-django
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-23 23:30:25 UTC (rev 33095)
+++ data/CVE/list 2015-03-24 05:27:30 UTC (rev 33096)
@@ -106,13 +106,13 @@
RESERVED
CVE-2015-2317 [Mitigated possible XSS attack via user-supplied redirect URLs]
RESERVED
- - python-django <unfixed> (bug #780873)
+ - python-django 1.7.7-1 (bug #780873)
[squeeze] - python-django <no-dsa> (Minor issue, can wait next security upload)
NOTE: https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b (1.4.x)
NOTE: https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1 (1.7.x)
CVE-2015-2316 [Denial-of-service possibility with strip_tags()]
RESERVED
- - python-django <unfixed> (bug #780874)
+ - python-django 1.7.7-1 (bug #780874)
[wheezy] - python-django <not-affected> (vulnerable code not present)
[squeeze] - python-django <not-affected> (vulnerable code not present)
NOTE: https://github.com/django/django/commit/e63363f8e075fa8d66326ad6a1cc3391cc95cd97 (1.7.x)
More information about the Secure-testing-commits
mailing list