[Git][security-tracker-team/security-tracker][master] Triage CVE-2019-19118 in python-django for jessie LTS.

Chris Lamb lamby at debian.org
Tue Dec 3 20:27:00 GMT 2019 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29cd29ca by Chris Lamb at 2019-12-03T20:26:44Z
Triage CVE-2019-19118 in python-django for jessie LTS.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1544,6 +1544,7 @@ CVE-2019-19118 (Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended
 	- python-django 2:2.2.8-1 (bug #946011)
 	[buster] - python-django <not-affected> (Vulnerable code introduced later)
 	[stretch] - python-django <not-affected> (Vulnerable code introduced later)
+	[jessie] - python-django <not-affected> (Vulnerable code introduced later)
 	NOTE: https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
 	NOTE: Introduced after https://github.com/django/django/commit/825f0beda804e48e9197fcf3b0d909f9f548aa47 (2.1a1)
 	NOTE: https://github.com/django/django/commit/11c5e0609bcc0db93809de2a08e0dc3d70b393e4 (master)


=====================================
data/dla-needed.txt
=====================================
@@ -109,8 +109,6 @@ php-horde-trean (Roberto C. Sánchez)
   NOTE: 20191126: Corresponding with security team regarding CVE assignments. (roberto)
   NOTE: 20191203: Pinged upstream and MITRE regarding correctness of CVE assignments. (roberto)
 --
-python-django (Chris Lamb)
---
 python-oslo.utils
   NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/29cd29caabf22ce380e8330ff1c88dcd0a1be6ff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/29cd29caabf22ce380e8330ff1c88dcd0a1be6ff
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191203/4660370e/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list