[Git][security-tracker-team/security-tracker][master] Record commits for three python-django issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 4 12:36:22 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b0745894 by Salvatore Bonaccorso at 2022-01-04T13:35:47+01:00
Record commits for three python-django issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2779,6 +2779,8 @@ CVE-2021-45452 [Potential directory-traversal via Storage.save()]
 	RESERVED
 	- python-django <unfixed> (bug #1003113)
 	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
+	NOTE: https://github.com/django/django/commit/8d2f7cff76200cbd2337b2cf1707e383eb1fb54b (3.2.11)
+	NOTE: https://github.com/django/django/commit/4cb35b384ceef52123fc66411a73c36a706825e1 (2.2.26)
 CVE-2021-4150 [Block subsystem mishandles reference counts]
 	RESERVED
 	- linux 5.15.3-1
@@ -3757,10 +3759,14 @@ CVE-2021-45116 [Potential information disclosure in dictsort template filter]
 	RESERVED
 	- python-django <unfixed> (bug #1003113)
 	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
+	NOTE: https://github.com/django/django/commit/c7fe895bca06daf12cc1670b56eaf72a1ef27a16 (3.2.11)
+	NOTE: https://github.com/django/django/commit/c9f648ccfac5ab90fb2829a66da4f77e68c7f93a (2.2.26)
 CVE-2021-45115 [Denial-of-service possibility in UserAttributeSimilarityValidator]
 	RESERVED
 	- python-django <unfixed> (bug #1003113)
 	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
+	NOTE: https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20 (3.2.11)
+	NOTE: https://github.com/django/django/commit/2135637fdd5ce994de110affef9e67dffdf77277 (2.2.26)
 CVE-2021-45106
 	RESERVED
 CVE-2021-44463



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b074589480797821bc1933c2bc6d3a77e6664aaf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b074589480797821bc1933c2bc6d3a77e6664aaf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220104/aa8e7ae0/attachment.htm>

More information about the debian-security-tracker-commits mailing list