[Git][security-tracker-team/security-tracker][master] two poetry n/a

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
79a468c6 by Moritz Muehlenhoff at 2022-11-18T18:32:05+01:00
two poetry n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27707,11 +27707,11 @@ CVE-2022-36072 (SilverwareGames.io is a social network for users to play video g
 CVE-2022-36071 (SFTPGo is configurable SFTP server with optional HTTP/S, FTP/S and Web ...)
 	NOT-FOR-US: SFTPGo
 CVE-2022-36070 (Poetry is a dependency manager for Python. To handle dependencies that ...)
+	- poetry <not-affected> (Windows-specific)
 	NOTE: https://github.com/python-poetry/poetry/security/advisories/GHSA-j4j9-7hg9-97g6
-	TODO: check details
 CVE-2022-36069 (Poetry is a dependency manager for Python. When handling dependencies  ...)
+	- poetry <not-affected> (Fixed before initial upload to the archive)
 	NOTE: https://github.com/python-poetry/poetry/security/advisories/GHSA-9xgj-fcgf-x6mw
-	TODO: check details, CVE associated with poetry (and fixed in 1.1.9), though changes in poetry-core
 CVE-2022-36068 (Discourse is an open source discussion platform. In versions prior to  ...)
 	NOT-FOR-US: Discourse
 CVE-2022-36067 (vm2 is a sandbox that can run untrusted code with whitelisted Node's b ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79a468c645dc25bdbd79197e3bb57e2893e51112

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79a468c645dc25bdbd79197e3bb57e2893e51112
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221118/ac1d5f70/attachment.htm>