[Secure-testing-commits] r45891 - data/CVE
Nicholas Luedtke
nluedtke-guest at moszumanska.debian.org
Wed Nov 2 17:51:12 UTC 2016
Author: nluedtke-guest
Date: 2016-11-02 17:51:12 +0000 (Wed, 02 Nov 2016)
New Revision: 45891
Modified:
data/CVE/list
Log:
Update CVE-2016-9014
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-02 14:24:04 UTC (rev 45890)
+++ data/CVE/list 2016-11-02 17:51:12 UTC (rev 45891)
@@ -345,10 +345,10 @@
CVE-2016-9014 [DNS rebinding vulnerability when DEBUG=True]
RESERVED
- python-django <unfixed> (bug #842856)
+ [wheezy] - python-django <not-affected> (Vulnerable code intrduced in 1.7a1)
[jessie] - python-django <no-dsa> (Minor issue; can be updated via point release)
NOTE: https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
NOTE: https://github.com/django/django/commit/7fe2d8d940fdddd1a02c4754008a27060c4a03e9
- TODO: check if vulnerable code present
CVE-2016-9013 [User with hardcoded password created when running tests on Oracle]
RESERVED
- python-django <unfixed> (bug #842856)
More information about the Secure-testing-commits
mailing list