[Git][security-tracker-team/security-tracker][master] CVE-2013-1752 got rejected and remove source tracking entries

Salvatore Bonaccorso carnil at debian.org
Mon Jun 3 21:21:58 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9eb3390e by Salvatore Bonaccorso at 2019-06-03T20:21:45Z
CVE-2013-1752 got rejected and remove source tracking entries

The original entry contained:

        - python2.5 <removed> (low)
        - python2.6 <removed> (low)
        - python2.7 2.7.9-1 (low; bug #742929)
        - python3.1 <removed> (low)
        - python3.2 <removed> (low)
        - python3.3 <removed> (low; bug #742928)
        - python3.4 3.4.1-1 (low; bug #742927)
        [squeeze] - python2.5 <no-dsa> (Minor issue)
        [squeeze] - python2.6 <no-dsa> (Minor issue)
        [wheezy] - python2.6 <no-dsa> (Minor issue)
        [wheezy] - python2.7 <no-dsa> (Minor issue)
        [squeeze] - python3.1 <no-dsa> (Minor issue)
        [wheezy] - python3.2 <no-dsa> (Minor issue)
        NOTE: http://marc.info/?l=oss-security&m=138816139322814&w=2
        NOTE: py27 in jessie (as of 2.7.8-11 has all fixes except the ones for smtplib and poplib
        NOTE: http://bugs.python.org/issue16041
        NOTE: http://bugs.python.org/issue16042

Though per CVE assigning rules, this CVE was rejected because it is
incompatible with the CNT1 "Independently Fixable" in the CVE Counting
Decisions.

The original reference is via
https://www.openwall.com/lists/oss-security/2013/12/27/9

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -235046,23 +235046,6 @@ CVE-2013-1753
 	NOTE: preliminary patch: http://bugs.python.org/file28796/xmlrpc_gzip_27.patch
 CVE-2013-1752
 	REJECTED
-	- python2.5 <removed> (low)
-	- python2.6 <removed> (low)
-	- python2.7 2.7.9-1 (low; bug #742929)
-	- python3.1 <removed> (low)
-	- python3.2 <removed> (low)
-	- python3.3 <removed> (low; bug #742928)
-	- python3.4 3.4.1-1 (low; bug #742927)
-	[squeeze] - python2.5 <no-dsa> (Minor issue)
-	[squeeze] - python2.6 <no-dsa> (Minor issue)
-	[wheezy] - python2.6 <no-dsa> (Minor issue)
-	[wheezy] - python2.7 <no-dsa> (Minor issue)
-	[squeeze] - python3.1 <no-dsa> (Minor issue)
-	[wheezy] - python3.2 <no-dsa> (Minor issue)
-	NOTE: http://marc.info/?l=oss-security&m=138816139322814&w=2
-	NOTE: py27 in jessie (as of 2.7.8-11 has all fixes except the ones for smtplib and poplib
-	NOTE: http://bugs.python.org/issue16041
-	NOTE: http://bugs.python.org/issue16042
 CVE-2013-1751
 	RESERVED
 	- twiki <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9eb3390ebc8c60bd52bcb474cc3b6a419c3d48c6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9eb3390ebc8c60bd52bcb474cc3b6a419c3d48c6
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190603/538c9259/attachment.html>

More information about the debian-security-tracker-commits mailing list