[Secure-testing-commits] r50345 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Tue Apr 4 15:57:44 UTC 2017
Author: carnil
Date: 2017-04-04 15:57:43 +0000 (Tue, 04 Apr 2017)
New Revision: 50345
Modified:
data/CVE/list
Log:
Add bug references for python-djanog, #859515 and #859516
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-04-04 15:57:34 UTC (rev 50344)
+++ data/CVE/list 2017-04-04 15:57:43 UTC (rev 50345)
@@ -724,12 +724,12 @@
NOT-FOR-US: cloudflare-scrape
CVE-2017-7234 [Open redirect vulnerability in django.views.static.serve()]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #859516)
NOTE: https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
NOTE: Fixed by (master): https://github.com/django/django/commit/a1f948b468b6621083a03b0d53432341b7a4d753
CVE-2017-7233 [Open redirect and possible XSS attack via user-supplied numeric redirect URLs]
RESERVED
- - python-django <unfixed>
+ - python-django <unfixed> (bug #859515)
NOTE: https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
NOTE: Fixed by (master): https://github.com/django/django/commit/5ea48a70afac5e5684b504f09286e7defdd1a81a
CVE-2017-7232
More information about the Secure-testing-commits
mailing list