[Secure-testing-commits] r45850 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Nov 1 19:42:49 UTC 2016
Author: carnil
Date: 2016-11-01 19:42:49 +0000 (Tue, 01 Nov 2016)
New Revision: 45850
Modified:
data/CVE/list
Log:
Add bug reference for python-django issues, #842856
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-01 19:37:03 UTC (rev 45849)
+++ data/CVE/list 2016-11-01 19:42:49 UTC (rev 45850)
@@ -297,14 +297,14 @@
- python-urllib3 <not-affected> (Issue only present in 1.17 and 1.18 releases)
CVE-2016-9014 [DNS rebinding vulnerability when DEBUG=True]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #842856)
[jessie] - python-django <no-dsa> (Minor issue; can be updated via point release)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/7fe2d8d940fdddd1a02c4754008a27060c4a03e9
TODO: check if vulnerable code present
CVE-2016-9013 [User with hardcoded password created when running tests on Oracle]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #842856)
[jessie] - python-django <no-dsa> (Minor issue; can be updated via point release)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/da7910d4834726eca596af0a830762fa5fb2dfd9
More information about the Secure-testing-commits
mailing list