Author: micah Date: 2013-05-28 17:15:35 +0000 (Tue, 28 May 2013) New Revision: 22384
Modified: data/CVE/list Log: add versions and bugs to python-pip and python-virtualenv Modified: data/CVE/list =================================================================== --- data/CVE/list 2013-05-28 12:05:12 UTC (rev 22383) +++ data/CVE/list 2013-05-28 17:15:35 UTC (rev 22384) @@ -5051,6 +5051,10 @@ RESERVED CVE-2013-1629 RESERVED + - python-pip <unfixed> (medium; bug #710163) + - python-virtualenv 1.9.1-1 (medium; bug #710164) + NOTE: this CVE is reserved, but it has been leaked in http://www.reddit.com/r/Python/comments/17rfh7/warning_dont_use_pip_in_an_untrusted_network_a/ + NOTE: python-virtualenv embeds pip CVE-2013-1628 RESERVED CVE-2013-1627 (Absolute path traversal vulnerability in NTWebServer.exe in Indusoft ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits