[Git][security-tracker-team/security-tracker][master] Add CVE-2020-28724/python-werkzeug
Salvatore Bonaccorso
carnil at debian.org
Wed Nov 18 22:04:28 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
54d68702 by Salvatore Bonaccorso at 2020-11-18T23:03:57+01:00
Add CVE-2020-28724/python-werkzeug
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -422,7 +422,9 @@ CVE-2020-28726
CVE-2020-28725
RESERVED
CVE-2020-28724 (Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ...)
- TODO: check
+ - python-werkzeug 0.11.9+dfsg1-1
+ NOTE: https://github.com/pallets/werkzeug/issues/822
+ NOTE: https://github.com/pallets/werkzeug/pull/890
CVE-2020-28723 (Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. ...)
NOT-FOR-US: CloudAvid
CVE-2020-28722
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54d687021507e40b22726f8bb423bd07f9231918
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54d687021507e40b22726f8bb423bd07f9231918
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201118/56e1f2b6/attachment.html>
More information about the debian-security-tracker-commits
mailing list