Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dccceb52 by Moritz Muehlenhoff at 2019-10-09T20:49:33Z
Update py27 references
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21116,9 +21116,11 @@ CVE-2019-10160 (A security regression of CVE-2019-9636
was discovered in python
NOTE: Introduced by:
https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3
(v3.8.0a4)
NOTE: Fixed by:
https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e
(v3.8.0b1)
NOTE:
https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09
(3.7)
- NOTE:
https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de
(2.7)
NOTE: https://bugs.python.org/issue36742
- NOTE: Patch for 2.7 series introduces new problems, cf.
https://bugs.python.org/issue36742#msg344981
+ NOTE: Patches for 2.7:
+ NOTE:
https://github.com/python/cpython/commit/98a4dcefbbc3bce5ab07e7c0830a183157250259
+ NOTE:
https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de
+ NOTE:
https://github.com/python/cpython/commit/2b578479b96aa3deeeb8bac313a02b5cf3cb1aff
CVE-2019-10159 (cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are
vulnera ...)
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2019-10158
@@ -21765,6 +21767,7 @@ CVE-2019-9947 (An issue was discovered in urllib2 in
Python 2.x through 2.7.16 a
NOTE: https://bugs.python.org/issue35906
NOTE: Introduced by:
https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262
NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740
+ NOTE: Patch 2.7:
https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container
Networking Int ...)
- kubernetes <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1692712
@@ -23299,6 +23302,8 @@ CVE-2019-9740 (An issue was discovered in urllib2 in
Python 2.x through 2.7.16 a
[stretch] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue36276
NOTE: https://bugs.python.org/issue30458
+ NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740
+ NOTE: Patch 2.7:
https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
CVE-2019-9739
RESERVED
CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the
'<E ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dccceb521179c9b701887f1a0e56694ecd158c3a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/dccceb521179c9b701887f1a0e56694ecd158c3a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
