[Git][security-tracker-team/security-tracker][master] Add CVE-2020-28724/python-werkzeug

Salvatore Bonaccorso carnil at debian.org
Wed Nov 18 22:04:28 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
54d68702 by Salvatore Bonaccorso at 2020-11-18T23:03:57+01:00
Add CVE-2020-28724/python-werkzeug

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -422,7 +422,9 @@ CVE-2020-28726
 CVE-2020-28725
 	RESERVED
 CVE-2020-28724 (Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ...)
-	TODO: check
+	- python-werkzeug 0.11.9+dfsg1-1
+	NOTE: https://github.com/pallets/werkzeug/issues/822
+	NOTE: https://github.com/pallets/werkzeug/pull/890
 CVE-2020-28723 (Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. ...)
 	NOT-FOR-US: CloudAvid
 CVE-2020-28722



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54d687021507e40b22726f8bb423bd07f9231918

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/54d687021507e40b22726f8bb423bd07f9231918
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201118/56e1f2b6/attachment.html>


More information about the debian-security-tracker-commits mailing list