[Git][security-tracker-team/security-tracker][master] 2 commits: Directly reference the fixing commit from upstream

Salvatore Bonaccorso carnil at debian.org
Fri Apr 16 13:02:49 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
15f26c96 by Salvatore Bonaccorso at 2021-04-16T13:58:51+02:00
Directly reference the fixing commit from upstream

- - - - -
7d2dcc70 by Salvatore Bonaccorso at 2021-04-16T14:02:14+02:00
Track fixed version for CVE-2020-28469 via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23847,7 +23847,7 @@ CVE-2021-21417
 CVE-2021-21416 (django-registration is a user registration package for Django. The dja ...)
 	- python-django-registration <unfixed>
 	NOTE: https://github.com/ubernostrum/django-registration/security/advisories/GHSA-58c7-px5v-82hh
-	NOTE: https://github.com/ubernostrum/django-registration/commit/2db0bb7ec35636ea46b07b146328b87b2cb13ca5
+	NOTE: https://github.com/ubernostrum/django-registration/commit/8206af081e239598cfd15d165d4d8ab9849ee23c
 CVE-2021-21415
 	RESERVED
 CVE-2021-21414
@@ -34471,7 +34471,7 @@ CVE-2020-28470 (This affects the package @scullyio/scully before 1.0.9. The tran
 	NOT-FOR-US: scully
 CVE-2020-28469
 	RESERVED
-	- node-glob-parent <unfixed>
+	- node-glob-parent 5.1.1+~5.1.0-2
 	[buster] - node-glob-parent <no-dsa> (Minor issue)
 	[stretch] - node-glob-parent <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7a8d57b0956edc954e1e295967f2056c82805b5a...7d2dcc70170e388d09e17aed4c3ebc670bea8cde

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7a8d57b0956edc954e1e295967f2056c82805b5a...7d2dcc70170e388d09e17aed4c3ebc670bea8cde
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210416/26826cb3/attachment.htm>

More information about the debian-security-tracker-commits mailing list