[Git][security-tracker-team/security-tracker][master] 3 commits: lib/python/debian_support.py: Use repr(..) over backticks; they are removed in Python 3.x

[Chris Lamb]

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b994c41 by Chris Lamb at 2019-02-11T13:07:30Z
lib/python/debian_support.py: Use repr(..) over backticks; they are removed in Python 3.x

- - - - -
90a4b861 by Chris Lamb at 2019-02-11T13:07:30Z
lib/python/bugs.py: Use explicit list comprehension; the "lambda (x,)" syntax is not actually valid in Python 3.

- - - - -
dcca8c90 by Chris Lamb at 2019-02-11T13:14:58Z
Add bug for CVE-2019-6975 in python-django

- - - - -


3 changed files:

- data/CVE/list
- lib/python/bugs.py
- lib/python/debian_support.py


Changes:

=====================================
data/CVE/list
=====================================
@@ -1896,8 +1896,9 @@ CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in
 	- vips 8.7.4-1
 	[jessie] - vips <ignored> (Minor Issue)
 	NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
-CVE-2019-6975
-	RESERVED
+CVE-2019-6975 (Memory exhaustion in django.utils.numberformat.format())
+	- python-django 1:1.10.7-2+deb9u3 (bug #922027)
+	NOTE: Upstream may re-release https://code.djangoproject.com/ticket/30175
 CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]
 	RESERVED
 	- linux <unfixed>


=====================================
lib/python/bugs.py
=====================================
@@ -370,11 +370,11 @@ class BugFromDB(Bug):
 
     def getDebianBugs(self, cursor):
         """Returns a list of Debian bugs to which the bug report refers."""
-        return map(lambda (x,): x, cursor.execute(
+        return [x[0] for x in cursor.execute(
             """SELECT DISTINCT bug FROM package_notes, debian_bugs
             WHERE package_notes.bug_name = ?
             AND debian_bugs.note = package_notes.id
-            ORDER BY bug""", (self.name,)))
+            ORDER BY bug""", (self.name,))]
 
     def getStatus(self, cursor):
         """Calculate bug status.


=====================================
lib/python/debian_support.py
=====================================
@@ -85,7 +85,7 @@ class Version:
         if t == types.UnicodeType:
             version = version.encode('UTF-8')
         else:
-            assert t == types.StringType, `version`
+            assert t == types.StringType, repr(version)
         assert version != ""
         self.__asString = version
         self.__forCompare = _version_normalize_regexp.sub("", version)
@@ -94,7 +94,7 @@ class Version:
         return self.__asString
 
     def __repr__(self):
-        return 'Version(%s)' % `self.__asString`
+        return 'Version(%r)' % self.__asString
 
     def __cmp__(self, other):
         try:
@@ -182,7 +182,7 @@ class PseudoEnum:
         self._name = name
         self._order = order
     def __repr__(self):
-        return '%s(%s)'% (self.__class__.__name__, `self._name`)
+        return '%s(%r)'% (self.__class__.__name__, self._name)
     def __str__(self):
         return self._name
     def __cmp__(self, other):



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ca0d451392efb5c07b240f3f0482a86204d23b26...dcca8c90f9c6185f67e7ba0be25663cd5dbfa658

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ca0d451392efb5c07b240f3f0482a86204d23b26...dcca8c90f9c6185f67e7ba0be25663cd5dbfa658
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190211/f94c8ad4/attachment-0001.html>