[Python-modules-team] Bug#946011: python-django: CVE-2019-19118
Chris Lamb
lamby at debian.org
Tue Dec 3 20:25:42 GMT 2019
Dear Salvatore,
> > Security team, would you like an upload for stable?
>
> As far I can see this issue has been introduced around 2.1 where the
> search support for view permissions and a read-only admin support was
> added. […]
Upon further inspection that is my reading too. I was being overly-
cautious in assuming that it was vulnerable without doing any checking
first, thus leading to this noise (for which I apologise).
I have updated data/dla-needed.txt and data/CVE/list to match.
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` lamby at debian.org 🍥 chris-lamb.co.uk
`-
More information about the Python-modules-team
mailing list