[Git][security-tracker-team/security-tracker][master] CVE-2022-37454/python3*: introduced in 3.6

[Sylvain Beucler (@beuc)]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
380c2080 by Sylvain Beucler at 2022-10-31T11:10:29+01:00
CVE-2022-37454/python3*: introduced in 3.6

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19406,6 +19406,7 @@ CVE-2022-37454 (The Keccak XKCP SHA-3 reference implementation before fdc6fef ha
 	NOTE: https://github.com/python/cpython/commit/857efee6d2d43c5c12fc7e377ce437144c728ab8 (3.9-branch)
 	NOTE: https://github.com/python/cpython/commit/948c6794711458fd148a3fa62296cadeeb2ed631 (3.8-branch)
 	NOTE: https://github.com/python/cpython/commit/8088c90044ba04cd5624b278340ebf934dbee4a5 (3.7-branch)
+	NOTE: For Python, introduced in: https://github.com/python/cpython/commit/6fe2a75b645044ca2b5dac03e8d850567b547a9a (3.6)
 	NOTE: Versions which have the OpenSSL sha3 delegation are not affected by the issue and only ship
 	NOTE: source-wise the bundled _sha3 XKCP module code.
 	NOTE: OpenSSL sha3 delegation added in https://github.com/python/cpython/commit/d5b3f6b7f9fc74438009af63f1de01bd77be9385 (v3.9.0b1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/380c2080a59b272d609f0ff196435416de201713

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/380c2080a59b272d609f0ff196435416de201713
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221031/3c6b76b0/attachment.htm>