[Git][security-tracker-team/security-tracker][master] sync python2.7 status for bullseye

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Apr 14 14:13:55 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
00db5cf7 by Moritz Muehlenhoff at 2023-04-14T15:13:28+02:00
sync python2.7 status for bullseye

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17993,6 +17993,7 @@ CVE-2023-24329 (An issue in the urllib.parse component of Python before v3.11 al
 	[bullseye] - python3.9 <no-dsa> (Minor issue)
 	- python3.7 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	NOTE: https://pointernull.com/security/python-url-parse-problem.html
 	NOTE: https://github.com/python/cpython/pull/99421
 	NOTE: https://github.com/python/cpython/pull/99446 (backport for 3.11 branch)
@@ -35308,6 +35309,7 @@ CVE-2022-45061 (An issue was discovered in Python before 3.11.1. An unnecessary
 	- python3.7 <removed>
 	[buster] - python3.7 <postponed> (Minor issue; fix along with next DLA)
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	[buster] - python2.7 <postponed> (Minor issue, DoS, fix along with next DLA)
 	NOTE: https://github.com/python/cpython/issues/98433
 	NOTE: https://github.com/python/cpython/pull/99092
@@ -97489,6 +97491,7 @@ CVE-2022-0391 (A flaw was found in Python, specifically within the urllib.parse
 	[stretch] - python3.5 <postponed> (Minor issue; regressions reports)
 	- python3.4 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	NOTE: https://bugs.python.org/issue43882
 	NOTE: Fixed by: https://github.com/python/cpython/commit/76cd81d60310d65d01f9d7b48a8985d8ab89c8b4 (v3.10.0b1)
 	NOTE: Followup for 3.10.x: https://github.com/python/cpython/commit/24f1d1a8a2c4aa58a606b4b6d5fa4305a3b91705 (v3.10.0b2)
@@ -125336,6 +125339,7 @@ CVE-2021-3737 (A flaw was found in python. An improperly handled HTTP response i
 	- python3.5 <removed>
 	- python3.4 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	[buster] - python2.7 <postponed> (Minor issue, DoS)
 	NOTE: https://bugs.python.org/issue44022
 	NOTE: https://github.com/python/cpython/pull/25916
@@ -126545,6 +126549,7 @@ CVE-2021-3733 (There's a flaw in urllib's AbstractBasicAuthHandler class. An att
 	[buster] - python3.7 <no-dsa> (Minor issue)
 	- python3.5 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	[buster] - python2.7 <postponed> (Minor issue, ReDoS)
 	NOTE: https://bugs.python.org/issue43075
 	NOTE: https://github.com/python/cpython/pull/24391
@@ -192847,6 +192852,7 @@ CVE-2020-26116 (http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.
 	[buster] - python3.7 3.7.3-2+deb10u3
 	- python3.5 <removed>
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	NOTE: https://bugs.python.org/issue39603
 	NOTE: https://python-security.readthedocs.io/vuln/http-header-injection-method.html
 	NOTE: https://github.com/python/cpython/commit/8ca8a2e8fb068863c1138f07e3098478ef8be12e (master)
@@ -231036,6 +231042,7 @@ CVE-2020-10735 (A flaw was found in python. In algorithms with quadratic time co
 	- python3.7 <removed>
 	[buster] - python3.7 <postponed> (Minor issue, CPU DoS)
 	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
 	[buster] - python2.7 <ignored> (Minor issue, CPU DoS, intrusive backport)
 	NOTE: https://github.com/python/cpython/issues/95778
 	NOTE: https://github.com/python/cpython/pull/96499



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00db5cf78bebfc329a0d82e02527e01fb0e29878

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00db5cf78bebfc329a0d82e02527e01fb0e29878
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230414/3e380315/attachment.htm>

More information about the debian-security-tracker-commits mailing list