[Git][security-tracker-team/security-tracker][master] 3 commits: Remove bogus fixed version for CVE-2019-6975
Salvatore Bonaccorso
carnil at debian.org
Mon Feb 11 15:04:34 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
79511227 by Salvatore Bonaccorso at 2019-02-11T15:00:50Z
Remove bogus fixed version for CVE-2019-6975
- - - - -
37b220a1 by Salvatore Bonaccorso at 2019-02-11T15:02:36Z
Add upstream references for CVE-2019-6975/python-django
- - - - -
20f68533 by Salvatore Bonaccorso at 2019-02-11T15:03:53Z
CVE-2019-6975: Put description in []-brackets
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1896,9 +1896,11 @@ CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in
- vips 8.7.4-1
[jessie] - vips <ignored> (Minor Issue)
NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
-CVE-2019-6975 (Memory exhaustion in django.utils.numberformat.format())
- - python-django 1:1.10.7-2+deb9u3 (bug #922027)
+CVE-2019-6975 [Memory exhaustion in django.utils.numberformat.format()]
+ - python-django <unfixed> (bug #922027)
NOTE: Upstream may re-release https://code.djangoproject.com/ticket/30175
+ NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
+ NOTE: https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227 (1.11 branch)
CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]
RESERVED
- linux <unfixed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0bad37ec8a8c5608bb9fe82bd22e10cc0d89d8b4...20f68533287a10b3bd2ecf3187372640b6f1b7d2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0bad37ec8a8c5608bb9fe82bd22e10cc0d89d8b4...20f68533287a10b3bd2ecf3187372640b6f1b7d2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190211/2e26ab03/attachment.html>
More information about the debian-security-tracker-commits
mailing list