[Git][security-tracker-team/security-tracker][master] python3.4: tidy statuses
Sylvain Beucler
beuc at debian.org
Tue Jun 23 16:34:18 BST 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1c3fbdf8 by Sylvain Beucler at 2020-06-23T17:34:01+02:00
python3.4: tidy statuses
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -17306,7 +17306,7 @@ CVE-2020-8492 (Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10,
- python3.5 <removed>
[stretch] - python3.5 <no-dsa> (Minor issue)
- python3.4 <removed>
- [jessie] - python3.4 <no-dsa> (Minor issue)
+ [jessie] - python3.4 <postponed> (Minor issue)
- python2.7 <unfixed>
[buster] - python2.7 <no-dsa> (Minor issue)
[stretch] - python2.7 <no-dsa> (Minor issue)
@@ -45120,7 +45120,7 @@ CVE-2019-16935 (The documentation XML-RPC server in Python through 2.7.16, 3.x t
- pypy <unfixed> (low)
[buster] - pypy <no-dsa> (Minor issue)
[stretch] - pypy <no-dsa> (Minor issue)
- [jessie] - pypy <ignored> (Minor Issue, XSS in an unlikely use-case)
+ [jessie] - pypy <postponed> (Minor Issue, XSS in an unlikely use-case)
NOTE: https://bugs.python.org/issue38243
NOTE: https://github.com/python/cpython/pull/16373
NOTE: https://github.com/python/cpython/commit/e8650a4f8c7fb76f570d4ca9c1fbe44e91c8dfaa (master)
@@ -296794,7 +296794,7 @@ CVE-2013-1753 (The gzip_decode function in the xmlrpc client library in Python 3
- python3.2 <removed> (low)
- python3.3 <removed> (low; bug #742928)
- python3.4 3.4.2-4 (low; bug #742927)
- [jessie] - python3.4 <no-dsa> (Minor issue)
+ [jessie] - python3.4 <postponed> (Minor issue)
[squeeze] - python2.5 <no-dsa> (Minor issue)
[squeeze] - python2.6 <no-dsa> (Minor issue)
[wheezy] - python2.6 <no-dsa> (Minor issue)
=====================================
data/dla-needed.txt
=====================================
@@ -109,6 +109,7 @@ pound
NOTE: 20200619: No explicit patch mentioned. Needs deeper research.
--
python3.4 (Sylvain Beucler)
+ NOTE: 20200623: waiting for CVE-2020-14422's patch to be approved upstream
--
qemu (Adrian Bunk)
NOTE: 20200531: waiting for CVE-2020-13362 fix to be applied upstream (bunk)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c3fbdf81c5da1b54a8f56acc500a4dcaf11b63b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c3fbdf81c5da1b54a8f56acc500a4dcaf11b63b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200623/59491db0/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list