[Git][security-tracker-team/security-tracker][master] lxml DSA, add second issue to CVE/list, found when backporting changes
Moritz Muehlenhoff
jmm at debian.org
Sun Dec 13 18:10:40 GMT 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
102f7e8a by Moritz Mühlenhoff at 2020-12-13T19:10:03+01:00
lxml DSA, add second issue to CVE/list, found when backporting changes
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2020-XXXX [lxml sanitisng in math/svg, similar to CVE-2020-27783]
+ - lxml 4.6.1-1
+ [buster] - lxml 4.3.2-1+deb10u1
+ NOTE: https://github.com/lxml/lxml/commit/a105ab8dc262ec6735977c25c13f0bdfcdec72a7 (lxml-4.6.1)
CVE-2020-35216
RESERVED
CVE-2020-35215
=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[13 Dec 2020] DSA-4810-1 lxml - security update
+ {CVE-2020-27783}
+ [buster] - lxml 4.3.2-1+deb10u1
[09 Dec 2020] DSA-4809-1 python-apt - security update
{CVE-2020-27351}
[buster] - python-apt 1.8.4.2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/102f7e8ae143a54a4989f3334cac4f22259f3b68
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/102f7e8ae143a54a4989f3334cac4f22259f3b68
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201213/aa1f79d0/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list