[Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-48560

Thu, 24 Aug 2023 21:18:54 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ed6fce39 by Salvatore Bonaccorso at 2023-08-25T06:18:10+02:00
Update information on CVE-2022-48560

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -353,12 +353,15 @@ CVE-2022-48564 (read_ints in plistlib.py in Python 
through 3.9.1 is vulnerable t
        NOTE: 
https://github.com/python/cpython/commit/225e3659556616ad70186e7efc02baeebfeb5ec4
 (v3.7.10)
 CVE-2022-48560 (A use-after-free exists in Python through 3.9 via heappushpop 
in heapq ...)
        - python3.9 <not-affected> (Fixed before initial upload to the archive)
-       - python3.7 <removed>
+       - python3.7 3.7.7-1
        - python2.7 <removed>
        [bullseye] - python2.7 <ignored> (Unsupported in Bullseye, only 
included to build a few applications)
+       NOTE: https://bugs.python.org/issue39421
        NOTE: https://github.com/python/cpython/issues/83602
        NOTE: 
https://github.com/python/cpython/commit/79f89e6e5a659846d1068e8b1bd8e491ccdef861
 (v3.9.0a3)
+       NOTE: 
https://github.com/python/cpython/commit/993811ffe75c2573f97fb3fd1414b34609b8c8db
 (v3.8.2rc1)
        NOTE: 
https://github.com/python/cpython/commit/958064f8d2b84062b0582bbae911df8ccfc11fd6
 (v3.7.7rc1)
+       NOTE: 
https://github.com/python/cpython/commit/c563f409ea30bcb0623d785428c9257917371b76
 (v3.6.11rc1)
 CVE-2022-48554 (File before 5.43 has an stack-based buffer over-read in 
file_copystr i ...)
        - file 1:5.44-1
        NOTE: https://bugs.astron.com/view.php?id=310



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed6fce399c8311a5a60b47ac1c2d283f712ad960

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed6fce399c8311a5a60b47ac1c2d283f712ad960
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to