[Git][security-tracker-team/security-tracker][master] Add CVE-2018-14647/python*

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f3f9e2a by Salvatore Bonaccorso at 2018-09-25T20:45:27Z
Add CVE-2018-14647/python*

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6797,7 +6797,16 @@ CVE-2018-14648 [Mishandled search requests in servers/slapd/search.c:do_search()
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1630668
 	TODO: check, not much detail provided
 CVE-2018-14647 (Python's elementtree C accelerator failed to initialise Expat's hash ...)
-	TODO: check
+	- python3.7 <unfixed>
+	- python3.6 <unfixed>
+	- python3.5 <unfixed>
+	- python3.4 <removed>
+	- python2.7 <unfixed>
+	NOTE: https://bugs.python.org/issue34623
+	NOTE: https://github.com/python/cpython/commit/cb5778f00ce48631c7140f33ba242496aaf7102b (master)
+	NOTE: 3.7: https://github.com/python/cpython/commit/470a435f3b42c9be5fdb7f7b04f3df5663ba7305
+	NOTE: 3.6: https://github.com/python/cpython/commit/f7666e828cc3d5873136473ea36ba2013d624fa1
+	NOTE: 2.7: https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
 CVE-2018-14646
 	RESERVED
 CVE-2018-14645 (A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f3f9e2aef0565791a38c518bcbc965e42c2b7bc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5f3f9e2aef0565791a38c518bcbc965e42c2b7bc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180925/dcce7318/attachment.html>