[Secure-testing-commits] r33080 - data/CVE

Raphaël Hertzog Mon, 23 Mar 2015 08:05:05 -0700

Author: hertzog
Date: 2015-03-23 15:03:48 +0000 (Mon, 23 Mar 2015)
New Revision: 33080


Modified:
   data/CVE/list
Log:
Mark CVE-2015-2317 as no-dsa for python-django/squeeze

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-03-23 15:02:32 UTC (rev 33079)
+++ data/CVE/list       2015-03-23 15:03:48 UTC (rev 33080)
@@ -95,6 +95,7 @@
 CVE-2015-2317 [Mitigated possible XSS attack via user-supplied redirect URLs]
        RESERVED
        - python-django <unfixed> (bug #780873)
+       [squeeze] - python-django <no-dsa> (Minor issue, can wait next security 
upload)
        NOTE: 
https://github.com/django/django/commit/2342693b31f740a422abf7267c53b4e7bc487c1b
 (1.4.x)
        NOTE: 
https://github.com/django/django/commit/2a4113dbd532ce952308992633d802dc169a75f1
 (1.7.x)
 CVE-2015-2316 [Denial-of-service possibility with strip_tags()]


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r33080 - data/CVE

Reply via email to