[Git][security-tracker-team/security-tracker][master] CVE-2020-27619: Replace upstream branches with actual tags containing the fix

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 29 20:00:18 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
88686912 by Salvatore Bonaccorso at 2024-11-29T20:59:05+01:00
CVE-2020-27619: Replace upstream branches with actual tags containing the fix

While at it, appaently we had 3.8.7~rc1-1 landed in unstable, so track
the fixed version as well for the older 3.8 version.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -321377,7 +321377,7 @@ CVE-2020-27620 (The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS beca
 	NOT-FOR-US: MediaWiki extension
 CVE-2020-27619 (In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK  ...)
 	- python3.9 3.9.1~rc1-1 (unimportant)
-	- python3.8 <removed> (unimportant)
+	- python3.8 3.8.7~rc1-1 (unimportant)
 	- python3.7 <removed> (unimportant)
 	- python2.7 <removed> (unimportant)
 	- pypy3 7.3.5+dfsg-2
@@ -321385,8 +321385,8 @@ CVE-2020-27619 (In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.p
 	NOTE: https://github.com/python/cpython/commit/2ef5caa58febc8968e670e39e3d37cf8eef3cab8 (master)
 	NOTE: https://github.com/python/cpython/commit/a8bf44d04915f7366d9f8dfbf84822ac37a4bab3 (master)
 	NOTE: https://github.com/python/cpython/commit/b664a1df4ee71d3760ab937653b10997081b1794 (v3.9.1rc1)
-	NOTE: https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33 (3.8)
-	NOTE: https://github.com/python/cpython/commit/43e523103886af66d6c27cd72431b5d9d14cd2a9 (3.7)
+	NOTE: https://github.com/python/cpython/commit/6c6c256df3636ff6f6136820afaefa5a10a3ac33 (v3.8.7rc1)
+	NOTE: https://github.com/python/cpython/commit/43e523103886af66d6c27cd72431b5d9d14cd2a9 (v3.7.10)
 	NOTE: https://bugs.python.org/issue41944
 	NOTE: Only affects the testsuite
 CVE-2020-27618 (The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/886869124b71179698585cfc593a5a66d78aa3c6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/886869124b71179698585cfc593a5a66d78aa3c6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241129/25368e48/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list