[Git][security-tracker-team/security-tracker][master] CVE-2019-10160/python3.4: actually not-affected, clarify comments

Wed Jul 8 20:32:58 BST 2020


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e6125c4d by Sylvain Beucler at 2020-07-08T21:32:01+02:00
CVE-2019-10160/python3.4: actually not-affected, clarify comments

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -68250,9 +68250,9 @@ CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
-	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.4 <removed>
+	- python3.6 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.5 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.4 <not-affected> (Vulnerable fix to regression introduced by fix for CVE-2019-9636 not applied)
 	- python2.7 2.7.16-3
 	[buster] - python2.7 2.7.16-2+deb10u1
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6125c4d7daa8f674a033753e393da619ceae8a4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6125c4d7daa8f674a033753e393da619ceae8a4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200708/a5331eb7/attachment.html>
