[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-6975/python-django via unstable
Salvatore Bonaccorso
carnil at debian.org
Mon Feb 11 19:52:59 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
71661464 by Salvatore Bonaccorso at 2019-02-11T19:52:12Z
Add fixed version for CVE-2019-6975/python-django via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1903,7 +1903,7 @@ CVE-2019-6976 (libvips before 8.7.4 writes to uninitialized memory locations in
[jessie] - vips <ignored> (Minor Issue)
NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
CVE-2019-6975 [Memory exhaustion in django.utils.numberformat.format()]
- - python-django <unfixed> (bug #922027)
+ - python-django 1:1.11.20-1 (bug #922027)
[jessie] - python-django <not-affected> (Vulnerable code not present)
NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7166146407da95ea2106ca399fac74b975637900
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7166146407da95ea2106ca399fac74b975637900
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190211/d57b4f5a/attachment.html>
More information about the debian-security-tracker-commits
mailing list