[Git][security-tracker-team/security-tracker][master] Add CVE-2024-0450/python

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 21 11:49:16 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bf02412a by Salvatore Bonaccorso at 2024-03-21T12:48:56+01:00
Add CVE-2024-0450/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -574,7 +574,20 @@ CVE-2024-1145 (User enumeration vulnerability in Devklan's Alma Blog that affect
 CVE-2024-1144 (Improper access control vulnerability in Devklan's Alma Blog that affe ...)
 	NOT-FOR-US: Devklan's Alma Blog
 CVE-2024-0450 (An issue was found in the CPython `zipfile` module affecting versions  ...)
-	TODO: check
+	- python3.12 3.12.2-1
+	- python3.11 3.11.8-1
+	- python3.10 <unfixed>
+	- python3.9 <removed>
+	- python3.7 <removed>
+	- python2.7 <removed>
+	NOTE: https://github.com/python/cpython/pull/110016
+	NOTE: https://github.com/python/cpython/issues/109858
+	NOTE: https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba (v3.13.0a3)
+	NOTE: https://github.com/python/cpython/commit/fa181fcf2156f703347b03a3b1966ce47be8ab3b (v3.12.2)
+	NOTE: https://github.com/python/cpython/commit/a956e510f6336d5ae111ba429a61c3ade30a7549 (v3.11.8)
+	NOTE: https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85 (v3.10.14)
+	NOTE: https://github.com/python/cpython/commit/a2c59992e9e8d35baba9695eb186ad6c6ff85c51 (v3.9.19)
+	NOTE: https://mail.python.org/archives/list/security-announce@python.org/thread/XELNUX2L3IOHBTFU7RQHCY6OUVEWZ2FG/
 CVE-2023-6597 (An issue was found in the CPython `tempfile.TemporaryDirectory` class  ...)
 	- python3.12 3.12.1-1
 	- python3.11 3.11.8-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf02412a541baed6368f3b188d929aeaac4d6e3a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf02412a541baed6368f3b188d929aeaac4d6e3a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240321/e6787e91/attachment.htm>

More information about the debian-security-tracker-commits mailing list