[Git][security-tracker-team/security-tracker][master] Add CVE-2019-19118/python-django

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e2587ffa by Salvatore Bonaccorso at 2019-12-02T15:00:44Z
Add CVE-2019-19118/python-django

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1277,8 +1277,14 @@ CVE-2019-19120
 	RESERVED
 CVE-2019-19119
 	RESERVED
-CVE-2019-19118
-	RESERVED
+CVE-2019-19118 [Privilege escalation in the Django admin]
+	RESERVED
+	- python-django 2:2.2.8-1
+	NOTE: https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
+	NOTE: https://github.com/django/django/commit/11c5e0609bcc0db93809de2a08e0dc3d70b393e4 (master)
+	NOTE: https://github.com/django/django/commit/092cd66cf3c3e175acce698d6ca2012068d878fa (3.0 branch)
+	NOTE: https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21 (2.2 branch)
+	NOTE: https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244 (2.1 branch)
 CVE-2019-19117 (/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG12 ...)
 	NOT-FOR-US: PHICOMM K2(PSG1218) devices
 CVE-2019-19116



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e2587ffa2501a20aa9dee8a3fcdb114eb30e4a45

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e2587ffa2501a20aa9dee8a3fcdb114eb30e4a45
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191202/4238149c/attachment.html>