diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-08 21:21:09 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-08 21:21:09 +0200 |
commit | 5081e8e6ef56caf25a5c2f91211b416ded55308c (patch) | |
tree | a1b05bdc05155a0ae423f197cf1adbc1db1844d9 | |
parent | 8dbddb44d36aec05bcd95c6376b6d268ef4b90de (diff) |
Add source package tracking for python3.4 and mark as removed
This is not fully correct, but the situation can not be otherwise
sensibly constructed. Initially python3.4 was in all suites not affected
as the incomplete fix not applied (and when fixing CVE-2019-9636
applying the full fix sould have been done if possible). As noted in the
previous commit though in jessie specifically the CVE was introduced.
Hope reviewers of this commit agree, otherwise we can rediscuss how to
best mark it.
-rw-r--r-- | data/CVE/list.2019 | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index ba585620cc..f82db63960 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -28145,6 +28145,7 @@ CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python [buster] - python3.7 3.7.3-2+deb10u1 - python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied) - python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied) + - python3.4 <removed> - python2.7 2.7.16-3 [buster] - python2.7 2.7.16-2+deb10u1 [stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied) |