[Secure-testing-commits] r45838 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 1 15:51:00 UTC 2016
Author: carnil
Date: 2016-11-01 15:51:00 +0000 (Tue, 01 Nov 2016)
New Revision: 45838
Modified:
data/CVE/list
Log:
Mark python-django issues as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-01 15:44:25 UTC (rev 45837)
+++ data/CVE/list 2016-11-01 15:51:00 UTC (rev 45838)
@@ -298,12 +298,14 @@
CVE-2016-9014 [DNS rebinding vulnerability when DEBUG=True]
RESERVED
- python-django <unfixed>
+ [jessie] - python-django <no-dsa> (Minor issue; can be update via point release)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/7fe2d8d940fdddd1a02c4754008a27060c4a03e9
TODO: check if vulnerable code present
CVE-2016-9013 [User with hardcoded password created when running tests on Oracle]
RESERVED
- python-django <unfixed>
+ [jessie] - python-django <no-dsa> (Minor issue; can be update via point release)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/da7910d4834726eca596af0a830762fa5fb2dfd9
TODO: check if vulnerable code present
More information about the Secure-testing-commits
mailing list