Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2a9feaed by Salvatore Bonaccorso at 2021-07-01T21:36:39+02:00 Add CVE-2021-35042/python-django - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2299,8 +2299,11 @@ CVE-2021-35044 RESERVED CVE-2021-35043 RESERVED -CVE-2021-35042 +CVE-2021-35042 [Potential SQL injection via unsanitized QuerySet.order_by() input] RESERVED + - python-django <not-affected> (Vulnerable code introduced in 3.1) + NOTE: https://www.djangoproject.com/weblog/2021/jul/01/security-releases/ + NOTE: Issue did affect only the experimental version and fixed in 2:3.2.5-1 CVE-2021-35041 (The blockchain node in FISCO-BCOS V2.7.2 may have a bug when dealing w ...) NOT-FOR-US: FISCO-BCOS CVE-2021-3609 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9feaedcecb31ab68381f1b8b3c39e6b7320bf8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9feaedcecb31ab68381f1b8b3c39e6b7320bf8 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits