[Git][security-tracker-team/security-tracker][master] Reserve DLA-3177-1 for python-django

Chris Lamb (@lamby) lamby at debian.org
Fri Nov 4 12:48:05 GMT 2022 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a73f1be6 by Chris Lamb at 2022-11-04T12:47:36+00:00
Reserve DLA-3177-1 for python-django

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -69958,7 +69958,6 @@ CVE-2021-45117 (The OPC autogenerated ANSI C stack stubs (in the NodeSets) do no
 CVE-2021-45116 (An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11 ...)
 	- python-django 2:3.2.11-1 (bug #1003113)
 	[bullseye] - python-django 2:2.2.26-1~deb11u1
-	[buster] - python-django <postponed> (Minor issue; fix in next update)
 	[stretch] - python-django <postponed> (Minor issue; fix in next update)
 	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
 	NOTE: https://github.com/django/django/commit/c7fe895bca06daf12cc1670b56eaf72a1ef27a16 (3.2.11)
@@ -69966,7 +69965,6 @@ CVE-2021-45116 (An issue was discovered in Django 2.2 before 2.2.26, 3.2 before
 CVE-2021-45115 (An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11 ...)
 	- python-django 2:3.2.11-1 (bug #1003113)
 	[bullseye] - python-django 2:2.2.26-1~deb11u1
-	[buster] - python-django <postponed> (Minor issue; fix in next update)
 	[stretch] - python-django <postponed> (Minor issue; fix in next update)
 	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
 	NOTE: https://github.com/django/django/commit/a8b32fe13bcaed1c0b772fdc53de84abc224fb20 (3.2.11)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[04 Nov 2022] DLA-3177-1 python-django - security update
+	{CVE-2021-45115 CVE-2021-45116 CVE-2022-28346}
+	[buster] - python-django 1:1.11.29-1+deb10u3
 [03 Nov 2022] DLA-3176-1 clickhouse - security update
 	{CVE-2021-42387 CVE-2021-42388 CVE-2021-43304 CVE-2021-43305}
 	[buster] - clickhouse 18.16.1+ds-4+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a73f1be69b9248deef368b56ded2197157c64263

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a73f1be69b9248deef368b56ded2197157c64263
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221104/9ece340f/attachment.htm>

More information about the debian-security-tracker-commits mailing list