[Git][security-tracker-team/security-tracker][master] Add CVE-2019-9636/python
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 9 08:42:23 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d4f5a8e0 by Salvatore Bonaccorso at 2019-03-09T08:41:46Z
Add CVE-2019-9636/python
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,14 @@
CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: ...)
+ - python3.7 <unfixed>
+ - python3.6 <unfixed>
+ - python3.5 <removed>
+ - python3.4 <removed>
+ - python2.7 <unfixed>
+ NOTE: https://bugs.python.org/issue36216
+ NOTE: https://github.com/python/cpython/pull/12201
+ NOTE: https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html
+ NOTE: https://github.com/python/cpython/commit/daad2c482c91de32d8305abbccc76a5de8b3a8be (3.7.x)
+ NOTE: https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5 (2.7.x)
TODO: check
CVE-2019-9635
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4f5a8e0cb0daa768946eea69708755c65409f7e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d4f5a8e0cb0daa768946eea69708755c65409f7e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190309/fc8f8746/attachment.html>
More information about the debian-security-tracker-commits
mailing list