[Git][security-tracker-team/security-tracker][master] Track upstream commits and fixes for CVE-2021-28861

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Sep 24 13:30:32 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4d1679a by Salvatore Bonaccorso at 2022-09-24T14:30:01+02:00
Track upstream commits and fixes for CVE-2021-28861

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -104449,7 +104449,17 @@ CVE-2021-28863
 CVE-2021-28862
 	RESERVED
 CVE-2021-28861 (** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnera ...)
-	NOT-FOR-US: Disputed Python issue
+	- python3.11 3.11.0~b4-1 (unimportant)
+	- python3.10 3.10.6-1 (unimportant)
+	- python3.9 <unfixed> (unimportant)
+	- python3.7 <removed> (unimportant)
+	NOTE: https://bugs.python.org/issue43223
+	NOTE: https://github.com/python/cpython/pull/93879
+	NOTE: https://github.com/python/cpython/commit/e2e8847bf52f4a81490653c6d13b7e3821b2c2be (v3.11.0b4)
+	NOTE: https://github.com/python/cpython/commit/5715382d3a89ca118ce2e224d8c69550d21fe51b (v3.10.6)
+	NOTE: https://github.com/python/cpython/commit/defaa2b19a9a01c79c1d5641a8aa179bb10ead3f (v3.9.14)
+	NOTE: https://github.com/python/cpython/commit/4dc2cae3abd75f386374d0635d00443b897d0672 (v3.8.14)
+	NOTE: https://github.com/python/cpython/commit/8a34afd55258c721e446d6de4a70353c39a24148 (v3.7.14)
 CVE-2021-28860 (In Node.js mixme, prior to v0.5.1, an attacker can add or alter proper ...)
 	NOT-FOR-US: Node mixme
 CVE-2021-28859



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4d1679a5964cbd16e4ba23f94fc9d4bd3a2f489

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4d1679a5964cbd16e4ba23f94fc9d4bd3a2f489
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220924/c6288b2a/attachment.htm>

More information about the debian-security-tracker-commits mailing list