[Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-1000802
Salvatore Bonaccorso
carnil at debian.org
Fri Sep 21 10:25:21 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2f4fc825 by Salvatore Bonaccorso at 2018-09-21T09:24:46Z
Update status for CVE-2018-1000802
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -323,10 +323,16 @@ CVE-2018-17155
CVE-2018-17154
RESERVED
CVE-2018-1000802 (Python Software Foundation Python (CPython) version 2.7 contains a ...)
+ - python3.7 <not-affected> (Fixed before initial upload)
+ - python3.6 <not-affected> (Fixed before initial upload)
+ - python3.5 <not-affected> (Fixed before initial upload)
+ - python3.4 <removed>
- python2.7 <unfixed>
NOTE: https://bugs.python.org/issue34540
NOTE: https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace
- TODO: check, issue is possibly specific to 2.7 only, so not listing here any other python source packages at the moment
+ NOTE: Later versions did remove _call_external_zip with
+ NOTE: https://github.com/python/cpython/commit/a0934b2c1b939fdebee8dc18d49a0f6c52324773
+ NOTE: which used distutils.spawn.
CVE-2018-17153 (It was discovered that the Western Digital My Cloud device through ...)
NOT-FOR-US: Western Digital My Cloud device
CVE-2018-17152
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f4fc8254a33731cf3ca6111d68ade3b85e8841f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f4fc8254a33731cf3ca6111d68ade3b85e8841f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180921/f44f9c3b/attachment.html>
More information about the debian-security-tracker-commits
mailing list