[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] python no-dsa

Moritz Muehlenhoff jmm at debian.org
Wed Apr 4 18:10:02 BST 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c51f03e by Moritz Muehlenhoff at 2018-04-04T19:09:23+02:00
python no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22198,13 +22198,17 @@ CVE-2018-1062 (A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where
 	NOT-FOR-US: ovirt-engine
 CVE-2018-1061 [DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib]
 	RESERVED
-	- python3.7 3.7.0~b3-1
-	- python3.6 3.6.5~rc1-1
-	- python3.5 <unfixed>
-	- python3.4 <removed>
-	- python3.2 <removed>
-	- python2.7 <unfixed>
-	- python2.6 <removed>
+	- python3.7 3.7.0~b3-1 (low)
+	- python3.6 3.6.5~rc1-1 (low)
+	- python3.5 <unfixed> (low)
+	[stretch] - python3.5 <no-dsa> (Minor issue)
+	- python3.4 <removed> (low)
+	[jessie] - python3.4 <no-dsa> (Minor issue)
+	- python3.2 <removed> (low)
+	- python2.7 <unfixed> (low)
+	[stretch] - python2.7 <no-dsa> (Minor issue)
+	[jessie] - python2.7 <no-dsa> (Minor issue)
+	- python2.6 <removed> (low)
 	NOTE: https://bugs.python.org/issue32981
 	NOTE: https://github.com/python/cpython/commit/0e6c8ee2358a2e23117501826c008842acb835ac (master)
 	NOTE: https://github.com/python/cpython/commit/0902a2d6b2d1d9dbde36aeaaccf1788ceaa97143 (3.7)
@@ -22214,13 +22218,17 @@ CVE-2018-1061 [DOS via regular expression backtracking in difflib.IS_LINE_JUNK m
 	NOTE: https://github.com/python/cpython/commit/e052d40cea15f582b50947f7d906b39744dc62a2 (2.7)
 CVE-2018-1060 [DOS via regular expression catastrophic backtracking in apop() method in pop3lib]
 	RESERVED
-	- python3.7 3.7.0~b3-1
-	- python3.6 3.6.5~rc1-1
-	- python3.5 <unfixed>
-	- python3.4 <removed>
-	- python3.2 <removed>
-	- python2.7 <unfixed>
-	- python2.6 <removed>
+	- python3.7 3.7.0~b3-1 (low)
+	- python3.6 3.6.5~rc1-1 (low)
+	- python3.5 <unfixed> (low)
+	[stretch] - python3.5 <no-dsa> (Minor issue)
+	- python3.4 <removed> (low)
+	[jessie] - python3.4 <no-dsa> (Minor issue)
+	- python3.2 <removed> (low)
+	- python2.7 <unfixed> (low)
+	[stretch] - python2.7 <no-dsa> (Minor issue)
+	[jessie] - python2.7 <no-dsa> (Minor issue)
+	- python2.6 <removed> (low)
 	NOTE: https://bugs.python.org/issue32981
 	NOTE: https://github.com/python/cpython/commit/0e6c8ee2358a2e23117501826c008842acb835ac (master)
 	NOTE: https://github.com/python/cpython/commit/0902a2d6b2d1d9dbde36aeaaccf1788ceaa97143 (3.7)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c51f03e1507e3963610829f267864a083fcb321

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c51f03e1507e3963610829f267864a083fcb321
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180404/68289d02/attachment.html>


More information about the debian-security-tracker-commits mailing list