[Git][security-tracker-team/security-tracker][master] Add CVE-2024-0397/python

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 18 20:17:27 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1307b1ef by Salvatore Bonaccorso at 2024-06-18T21:16:44+02:00
Add CVE-2024-0397/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -190,7 +190,18 @@ CVE-2024-36527 (puppeteer-renderer v.3.2.0 and before is vulnerable to Directory
 CVE-2024-1469
 	REJECTED
 CVE-2024-0397 (A defect was discovered in the Python \u201cssl\u201d module where the ...)
-	TODO: check
+	- python3.13 <not-affected> (Fixed before initial upload to Debian unstable)
+	- python3.12 3.12.3-1
+	- python3.11 3.11.9-1
+	- python3.9 <removed>
+	- python3.7 <removed>
+	- python2.7 <removed>
+	[bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only included to build a few applications)
+	NOTE: https://github.com/python/cpython/issues/114572
+	NOTE: https://github.com/python/cpython/pull/114573
+	NOTE: https://github.com/python/cpython/commit/542f3272f56f31ed04e74c40635a913fbc12d286 (v3.12.3)
+	NOTE: https://github.com/python/cpython/commit/01c37f1d0714f5822d34063ca7180b595abf589d (v3.11.9)
+	NOTE: https://github.com/python/cpython/commit/b228655c227b2ca298a8ffac44d14ce3d22f6faa (3.9-branch)
 CVE-2018-25103 (There exists a use-after-free-vulnerability in lighttpd <= 1.4.50 that ...)
 	TODO: check
 CVE-2024-36973 (In the Linux kernel, the following vulnerability has been resolved:  m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1307b1efbf009d61e9480966191a9a16db1f2b3e

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1307b1efbf009d61e9480966191a9a16db1f2b3e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240618/cf56306e/attachment.htm>

More information about the debian-security-tracker-commits mailing list