[Git][security-tracker-team/security-tracker][master] CVE-2022-36359/python-django: add introducing commit
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Fri Aug 5 12:33:29 BST 2022
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
24d4b934 by Emilio Pozuelo Monfort at 2022-08-05T13:32:34+02:00
CVE-2022-36359/python-django: add introducing commit
And triage as n/a on buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2696,9 +2696,11 @@ CVE-2022-2502
RESERVED
CVE-2022-36359 (An issue was discovered in the HTTP FileResponse class in Django 3.2 b ...)
- python-django 3:3.2.15-1
+ [buster] - python-django <not-affected> (Vulnerable code introduced in 2.1)
NOTE: https://www.openwall.com/lists/oss-security/2022/08/03/1
NOTE: https://github.com/django/django/commit/bd062445cffd3f6cc6dcd20d13e2abed818fa173 (main)
NOTE: https://github.com/django/django/commit/b3e4494d759202a3b6bf247fd34455bf13be5b80 (3.2.15)
+ NOTE: Introduced by: https://github.com/django/django/commit/a177f854c34718e473bcd0a2dc6c4fd935c8e327
CVE-2022-36342
RESERVED
CVE-2022-36338
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24d4b93495c0601e25c352d5a19e1a9b50d3c372
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24d4b93495c0601e25c352d5a19e1a9b50d3c372
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220805/54efec15/attachment.htm>
More information about the debian-security-tracker-commits
mailing list