[Git][security-tracker-team/security-tracker][master] Add CVE-2022-2834{6,7}/python-django
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Apr 11 12:17:53 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f6d79d1d by Salvatore Bonaccorso at 2022-04-11T13:16:50+02:00
Add CVE-2022-2834{6,7}/python-django
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1605,10 +1605,14 @@ CVE-2022-28349
RESERVED
CVE-2022-28348
RESERVED
-CVE-2022-28347
+CVE-2022-28347 [Potential SQL injection via QuerySet.explain(**options) on PostgreSQL]
RESERVED
-CVE-2022-28346
+ - python-django <unfixed>
+ NOTE: https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
+CVE-2022-28346 [Potential SQL injection in QuerySet.annotate(), aggregate(), and extra()]
RESERVED
+ - python-django <unfixed>
+ NOTE: https://www.djangoproject.com/weblog/2022/apr/11/security-releases/
CVE-2022-28345
RESERVED
CVE-2022-28344
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6d79d1db881fa73f80e6bc333862c1d57029aba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6d79d1db881fa73f80e6bc333862c1d57029aba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220411/b8ac8f24/attachment.htm>
More information about the debian-security-tracker-commits
mailing list