[Git][security-tracker-team/security-tracker][master] Triage CVE-2023-40587 in python-pyramid for buster LTS.
Chris Lamb (@lamby)
lamby at debian.org
Wed Sep 6 19:23:04 BST 2023
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2eccad7b by Chris Lamb at 2023-09-06T11:22:12-07:00
Triage CVE-2023-40587 in python-pyramid for buster LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1679,6 +1679,7 @@ CVE-2023-40587 (Pyramid is an open source Python web framework. A path traversal
- python-pyramid <unfixed> (bug #1050740)
[bookworm] - python-pyramid <no-dsa> (Minor issue)
[bullseye] - python-pyramid <not-affected> (Python version in Bullseye is not affected)
+ [buster] - python-pyramid <not-affected> (Python version in Buster is not affected)
NOTE: https://github.com/Pylons/pyramid/security/advisories/GHSA-j8g2-6fc7-q8f8
NOTE: https://github.com/Pylons/pyramid/commit/347d7750da6f45c7436dd0c31468885cc9343c85 (2.0.2)
NOTE: Underlying issue fixed in Python 3.11 and 3.12.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eccad7bf0c9fb400a845b5105b2304c7bea5b2e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eccad7bf0c9fb400a845b5105b2304c7bea5b2e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230906/85d7689a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list