Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: dccceb52 by Moritz Muehlenhoff at 2019-10-09T20:49:33Z Update py27 references - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -21116,9 +21116,11 @@ CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python NOTE: Introduced by: https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3 (v3.8.0a4) NOTE: Fixed by: https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e (v3.8.0b1) NOTE: https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09 (3.7) - NOTE: https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de (2.7) NOTE: https://bugs.python.org/issue36742 - NOTE: Patch for 2.7 series introduces new problems, cf. https://bugs.python.org/issue36742#msg344981 + NOTE: Patches for 2.7: + NOTE: https://github.com/python/cpython/commit/98a4dcefbbc3bce5ab07e7c0830a183157250259 + NOTE: https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de + NOTE: https://github.com/python/cpython/commit/2b578479b96aa3deeeb8bac313a02b5cf3cb1aff CVE-2019-10159 (cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnera ...) NOT-FOR-US: Red Hat CloudForms Management Engine CVE-2019-10158 @@ -21765,6 +21767,7 @@ CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 a NOTE: https://bugs.python.org/issue35906 NOTE: Introduced by: https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262 NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740 + NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052 CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...) - kubernetes <undetermined> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1692712 @@ -23299,6 +23302,8 @@ CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 a [stretch] - python2.7 <no-dsa> (Minor issue) NOTE: https://bugs.python.org/issue36276 NOTE: https://bugs.python.org/issue30458 + NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740 + NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052 CVE-2019-9739 RESERVED CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<E ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dccceb521179c9b701887f1a0e56694ecd158c3a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dccceb521179c9b701887f1a0e56694ecd158c3a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits