[Git][security-tracker-team/security-tracker][master] CVE-2018-16984 in python-django only affects experimental.

[Chris Lamb]

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f29fc819 by Chris Lamb at 2018-10-01T14:03:01Z
CVE-2018-16984 in python-django only affects experimental.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1887,7 +1887,7 @@ CVE-2018-16985 (In Lizard (formerly LZ5) 2.0, use of an invalid memory address w
 	NOT-FOR-US: Lizard
 CVE-2018-16984 [Password hash disclosure to "view only" admin users]
 	[experimental] - python-django 2:2.1.2-1
-	- python-django <unfixed> (bug #910016)
+	- python-django <not-affected> (bug #910016; vulnerable code not present))
 	NOTE: https://www.djangoproject.com/weblog/2018/oct/01/security-release/
 	NOTE: https://github.com/django/django/commit/bf39978a53f117ca02e9a0c78b76664a41a54745 (master)
 	NOTE: https://github.com/django/django/commit/c4bd5b597e0aa2432e4c867b86650f18af117851 (2.1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f29fc819386ce0bb94736c1bc0e33d29e09d05e7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f29fc819386ce0bb94736c1bc0e33d29e09d05e7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181001/d500235a/attachment.html>