[Git][security-tracker-team/security-tracker][master] Track upstream fixes for CVE-2019-20907/python
Salvatore Bonaccorso
carnil at debian.org
Wed Jul 15 14:52:17 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
19d2212c by Salvatore Bonaccorso at 2020-07-15T15:51:49+02:00
Track upstream fixes for CVE-2019-20907/python
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -190,7 +190,12 @@ CVE-2019-20907 (In Lib/tarfile.py in Python through 3.8.3, an attacker is able t
- python2.7 <unfixed> (low)
[buster] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue39017
- NOTE: Proposed fix: https://github.com/python/cpython/pull/21454
+ NOTE: https://github.com/python/cpython/commit/5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4 (master)
+ NOTE: https://github.com/python/cpython/commit/f3232294ee695492f43d424cc6969d018d49861d (3.9-branch)
+ NOTE: https://github.com/python/cpython/commit/c55479556db015f48fc8bbca17f64d3e65598559 (3.8-branch)
+ NOTE: https://github.com/python/cpython/commit/79c6b602efc9a906c8496f3d5f4d54c54b48fa06 (3.7-branch)
+ NOTE: https://github.com/python/cpython/commit/47a2955589bdb1a114d271496ff803ad73f954b8 (3.6-branch)
+ NOTE: https://github.com/python/cpython/pull/21454
CVE-2020-15686
RESERVED
CVE-2020-15685
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19d2212c05f577d96805e28233e129020e61d627
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19d2212c05f577d96805e28233e129020e61d627
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200715/f65d0f94/attachment.html>
More information about the debian-security-tracker-commits
mailing list