[Git][security-tracker-team/security-tracker][master] Add Debian bugs for CVE-2021-33203 & CVE-2021-33571 in python-django.

Chris Lamb (@lamby) lamby at debian.org
Wed Jun 2 16:07:46 BST 2021 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bb12189a by Chris Lamb at 2021-06-02T16:07:14+01:00
Add Debian bugs for CVE-2021-33203 & CVE-2021-33571 in python-django.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -522,7 +522,7 @@ CVE-2021-33572
 	RESERVED
 CVE-2021-33571 [Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses]
 	RESERVED
-	- python-django <unfixed>
+	- python-django <unfixed> (bug #989394)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/06/02/1
 	NOTE: https://github.com/django/django/commit/e1d787f1b36d13b95187f8f425425ae1b98da188 (main)
 	NOTE: https://github.com/django/django/commit/f27c38ab5d90f68c9dd60cabef248a570c0be8fc (2.2.24)
@@ -1314,7 +1314,7 @@ CVE-2021-33204 (In the pg_partman (aka PG Partition Manager) extension before 4.
 	NOTE: https://github.com/pgpartman/pg_partman/commit/0b6565ad378c358f8a6cd1d48ddc482eb7f854d3
 CVE-2021-33203 [Potential directory traversal via admindocs]
 	RESERVED
-	- python-django <unfixed>
+	- python-django <unfixed> (bug #989394)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/06/02/1
 	NOTE: https://github.com/django/django/commit/46572de2e92fdeaf047f80c44d52269e54ad68db (main)
 	NOTE: https://github.com/django/django/commit/053cc9534d174dc89daba36724ed2dcb36755b90 (2.2.24)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb12189ad35401961b3d6da34984290254e168e4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb12189ad35401961b3d6da34984290254e168e4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210602/6644cced/attachment.htm>

More information about the debian-security-tracker-commits mailing list