[Git][security-tracker-team/security-tracker][master] Add source package tracking for python3.4 and mark as removed

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
519745f7 by Salvatore Bonaccorso at 2020-07-08T21:21:09+02:00
Add source package tracking for python3.4 and mark as removed

This is not fully correct, but the situation can not be otherwise
sensibly constructed. Initially python3.4 was in all suites not affected
as the incomplete fix not applied (and when fixing CVE-2019-9636
applying the full fix sould have been done if possible). As noted in the
previous commit though in jessie specifically the CVE was introduced.

Hope reviewers of this commit agree, otherwise we can rediscuss how to
best mark it.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -68252,6 +68252,7 @@ CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python
 	[buster] - python3.7 3.7.3-2+deb10u1
 	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
 	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
+	- python3.4 <removed>
 	- python2.7 2.7.16-3
 	[buster] - python2.7 2.7.16-2+deb10u1
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/519745f71dfd6ee7321349f938a5be953d676f49

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/519745f71dfd6ee7321349f938a5be953d676f49
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200708/6415994f/attachment.html>