Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7ffe94e8 by Salvatore Bonaccorso at 2019-03-09T10:19:35Z
Add Debian bug reference(s) for CVE-2019-9636/python
- - - - -
4bf37048 by Salvatore Bonaccorso at 2019-03-09T10:20:16Z
Cleanup TODO item for CVE-2019-9636
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,14 @@
CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected
by: ...)
- - python3.7 <unfixed>
+ - python3.7 <unfixed> (bug #924072)
- python3.6 <unfixed>
- python3.5 <removed>
- python3.4 <removed>
- - python2.7 <unfixed>
+ - python2.7 <unfixed> (bug #924073)
NOTE: https://bugs.python.org/issue36216
NOTE: https://github.com/python/cpython/pull/12201
NOTE:
https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html
NOTE:
https://github.com/python/cpython/commit/daad2c482c91de32d8305abbccc76a5de8b3a8be
(3.7.x)
NOTE:
https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5
(2.7.x)
- TODO: check
CVE-2019-9635
RESERVED
CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists
in ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9654deca718f468d73875d42f624488b1970abf3...4bf370487778ab9af4cca3971c15bb0f64cd1b07
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/9654deca718f468d73875d42f624488b1970abf3...4bf370487778ab9af4cca3971c15bb0f64cd1b07
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
