[Git][security-tracker-team/security-tracker][master] 2 commits: Upstream re-released python-django for CVE-2019-6975 after files were missing.

[Chris Lamb]

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cdfff1db by Chris Lamb at 2019-02-11T18:17:57Z
Upstream re-released python-django for CVE-2019-6975 after files were missing.

- - - - -
278aff5e by Chris Lamb at 2019-02-11T18:18:35Z
Triage CVE-2019-6975 in python-django for jessie LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1904,7 +1904,8 @@ CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in
 	NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
 CVE-2019-6975 [Memory exhaustion in django.utils.numberformat.format()]
 	- python-django <unfixed> (bug #922027)
-	NOTE: Upstream may re-release https://code.djangoproject.com/ticket/30175
+	[jessie] - <not-affected> python-django (Vulnerable code not present)
+	NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
 	NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
 	NOTE: https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227 (1.11 branch)
 CVE-2019-6974 [kvm: fix kvm_ioctl_create_device() reference counting]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2b8ac03e6ba8b3d3b3a35d5c57faeb07f280597d...278aff5ef33ffcf3ddb0847ad77857f5b13512a7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2b8ac03e6ba8b3d3b3a35d5c57faeb07f280597d...278aff5ef33ffcf3ddb0847ad77857f5b13512a7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190211/74d70d34/attachment-0001.html>