[Git][security-tracker-team/security-tracker][master] Update py27 references
Moritz Muehlenhoff
jmm at debian.org
Wed Oct 9 21:49:58 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dccceb52 by Moritz Muehlenhoff at 2019-10-09T20:49:33Z
Update py27 references
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21116,9 +21116,11 @@ CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python
NOTE: Introduced by: https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3 (v3.8.0a4)
NOTE: Fixed by: https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e (v3.8.0b1)
NOTE: https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09 (3.7)
- NOTE: https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de (2.7)
NOTE: https://bugs.python.org/issue36742
- NOTE: Patch for 2.7 series introduces new problems, cf. https://bugs.python.org/issue36742#msg344981
+ NOTE: Patches for 2.7:
+ NOTE: https://github.com/python/cpython/commit/98a4dcefbbc3bce5ab07e7c0830a183157250259
+ NOTE: https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de
+ NOTE: https://github.com/python/cpython/commit/2b578479b96aa3deeeb8bac313a02b5cf3cb1aff
CVE-2019-10159 (cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnera ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2019-10158
@@ -21765,6 +21767,7 @@ CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 a
NOTE: https://bugs.python.org/issue35906
NOTE: Introduced by: https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262
NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740
+ NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...)
- kubernetes <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1692712
@@ -23299,6 +23302,8 @@ CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 a
[stretch] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue36276
NOTE: https://bugs.python.org/issue30458
+ NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740
+ NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
CVE-2019-9739
RESERVED
CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<E ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dccceb521179c9b701887f1a0e56694ecd158c3a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dccceb521179c9b701887f1a0e56694ecd158c3a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191009/6255a9c0/attachment.html>
More information about the debian-security-tracker-commits
mailing list