[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20852/python issue

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8a33ad01 by Salvatore Bonaccorso at 2019-07-14T12:35:17Z
Add CVE-2018-20852/python issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,7 +19,17 @@ CVE-2019-13578
 CVE-2019-13577
 	RESERVED
 CVE-2018-20852 (http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py ...)
-	TODO: check
+	- python3.7 3.7.3~rc1-1
+	- python3.5 <removed>
+	- python3.4 <removed>
+	- python2.7 2.7.16-3
+	NOTE: https://bugs.python.org/issue35121
+	NOTE: https://python-security.readthedocs.io/vuln/cookie-domain-check.html
+	NOTE: https://github.com/python/cpython/commit/979daae300916adb399ab5b51410b6ebd0888f13 (2.7.x branch)
+	NOTE: https://github.com/python/cpython/commit/42ad4101d3ba7ca3c371dadf0f8880764c9f15fb (v3.4.10)
+	NOTE: https://github.com/python/cpython/commit/4749f1b69000259e23b4cc6f63c542a9bdc62f1b (v3.5.7)
+	NOTE: https://github.com/python/cpython/commit/b241af861b37e20ad30533bc0b7e2e5491cc470f (v3.6.9rc1)
+	NOTE: https://github.com/python/cpython/commit/e5123d81ffb3be35a1b2767d6ced1a097aaf77be (v3.7.3rc1)
 CVE-2019-13576
 	RESERVED
 CVE-2019-13575



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8a33ad011d8785df4d08f1e9e4ec10d94b9ac35f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8a33ad011d8785df4d08f1e9e4ec10d94b9ac35f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190714/e8807200/attachment.html>