[Git][security-tracker-team/security-tracker][master] Four python-django issues fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Tue Aug 6 13:21:02 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
928c309b by Salvatore Bonaccorso at 2019-08-06T12:20:20Z
Four python-django issues fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1741,25 +1741,25 @@ CVE-2019-14237
 CVE-2019-14236
 	RESERVED
 CVE-2019-14235 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
-	- python-django <unfixed> (bug #934026)
+	- python-django 2:2.2.4-1 (bug #934026)
 	[jessie] - python-django <not-affected> (Vulnerable code not present)
 	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
 	NOTE: https://github.com/django/django/commit/cf694e6852b0da7799f8b53f1fb2f7d20cf17534 (2.2.x)
 	NOTE: https://github.com/django/django/commit/869b34e9b3be3a4cfcb3a145f218ffd3f5e3fd79 (1.11.x)
 CVE-2019-14234 [SQL injection possibility in key and index lookups for JSONField/HStoreField]
 	RESERVED
-	- python-django <unfixed> (bug #934026)
+	- python-django 2:2.2.4-1 (bug #934026)
 	[jessie] - python-django <not-affected> (Vulnerable code not present)
 	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
 	NOTE: https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387 (2.2.x)
 	NOTE: https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef (1.11.x)
 CVE-2019-14233 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
-	- python-django <unfixed> (bug #934026)
+	- python-django 2:2.2.4-1 (bug #934026)
 	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
 	NOTE: https://github.com/django/django/commit/e34f3c0e9ee5fc9022428fe91640638bafd4cda7 (2.2.x)
 	NOTE: https://github.com/django/django/commit/52479acce792ad80bb0f915f20b835f919993c72 (1.11.x)
 CVE-2019-14232 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
-	- python-django <unfixed> (bug #934026)
+	- python-django 2:2.2.4-1 (bug #934026)
 	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
 	NOTE: https://github.com/django/django/commit/c3289717c6f21a8cf23daff1c78c0c014b94041f (2.2.x)
 	NOTE: https://github.com/django/django/commit/42a66e969023c00536256469f0e8b8a099ef109d (1.11.x)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/928c309b9314b77fa463d98f81f90495a690a1be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/928c309b9314b77fa463d98f81f90495a690a1be
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190806/3140d5ad/attachment.html>


More information about the debian-security-tracker-commits mailing list