[Git][security-tracker-team/security-tracker][master] Triage CVE-2021-44420 in python-django for buster LTS.
Chris Lamb (@lamby)
lamby at debian.org
Wed Nov 16 08:36:32 GMT 2022
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
83f418a5 by Chris Lamb at 2022-11-16T08:35:32+00:00
Triage CVE-2021-44420 in python-django for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -74988,7 +74988,7 @@ CVE-2021-44421 (The pointer-validation logic in util/mem_util.rs in Occlum befor
CVE-2021-44420 (In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, ...)
- python-django 2:3.2.10-1
[bullseye] - python-django 2:2.2.25-1~deb11u1
- [buster] - python-django <no-dsa> (Minor issue)
+ [buster] - python-django <not-affected> (Vulnerable code not present; is_endpoint support added later)
[stretch] - python-django <not-affected> (Vulnerable code not present; path converters added later)
NOTE: https://www.openwall.com/lists/oss-security/2021/12/07/1
NOTE: https://www.djangoproject.com/weblog/2021/dec/07/security-releases/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83f418a5333df852f436d176a72fef542efdcd62
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83f418a5333df852f436d176a72fef542efdcd62
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221116/f156b9f6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list