[Secure-testing-commits] r22384 - data/CVE

Micah Anderson Tue, 28 May 2013 10:16:37 -0700

Author: micah
Date: 2013-05-28 17:15:35 +0000 (Tue, 28 May 2013)
New Revision: 22384


Modified:
   data/CVE/list
Log:
add versions and bugs to python-pip and python-virtualenv

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2013-05-28 12:05:12 UTC (rev 22383)
+++ data/CVE/list       2013-05-28 17:15:35 UTC (rev 22384)
@@ -5051,6 +5051,10 @@
        RESERVED
 CVE-2013-1629
        RESERVED
+        - python-pip <unfixed> (medium; bug #710163)
+        - python-virtualenv 1.9.1-1 (medium; bug #710164)
+        NOTE: this CVE is reserved, but it has been leaked in 
http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/
+        NOTE: python-virtualenv embeds pip
 CVE-2013-1628
        RESERVED
 CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in 
Indusoft ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r22384 - data/CVE

Reply via email to