[Git][security-tracker-team/security-tracker][master] salt embeds python-tornado
Emilio Pozuelo Monfort (@pochu)
pochu at debian.org
Fri Jun 2 10:37:10 BST 2023
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a8af6ad by Emilio Pozuelo Monfort at 2023-06-02T11:36:53+02:00
salt embeds python-tornado
Track it in embedded-code-copies and track CVE-2023-28370 for it.
- - - - -
2 changed files:
- data/CVE/list
- data/embedded-code-copies
Changes:
=====================================
data/CVE/list
=====================================
@@ -790,6 +790,7 @@ CVE-2023-28370 (Open redirect vulnerability in Tornado versions 6.3.1 and earlie
- python-tornado <unfixed> (bug #1036875)
[bookworm] - python-tornado <no-dsa> (Minor issue)
[bullseye] - python-tornado <no-dsa> (Minor issue)
+ - salt <unfixed>
NOTE: https://github.com/tornadoweb/tornado/commit/32ad07c54e607839273b4e1819c347f5c8976b2f (v6.3.2)
CVE-2023-27529 (Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an ...)
NOT-FOR-US: Wacom Tablet Driver installer
=====================================
data/embedded-code-copies
=====================================
@@ -3780,6 +3780,9 @@ python-toml
- python2-pip <unfixable> (embed)
NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
+python-tornado
+ - salt <unfixed>
+
pygments
- python-pip <unfixable> (embed)
NOTE: https://lists.debian.org/debian-python/2021/09/msg00031.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a8af6ada5f36172b8c6d9e97739a8d099720211
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a8af6ada5f36172b8c6d9e97739a8d099720211
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230602/45c3be02/attachment.htm>
More information about the debian-security-tracker-commits
mailing list