summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-04-08 14:45:06 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2020-04-08 14:45:06 +0200
commit44691f7492d59e2e732fddc3abfa9939fbb239be (patch)
treee769cf5f0d48c72d4a3489db9820b4c8d5888f4b
parente9ea830efb7110af90bb42b975312fc4487eda98 (diff)
Mark CVE-2020-6817/python-bleach
The issue is minor (considering the DOS potential) and there is quite some regression potenial with invasive fixes. Mark the issue no-dsa for buster and stretch.
-rw-r--r--data/CVE/2020.list3
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index fe2f500..8dc81a7 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -10460,10 +10460,13 @@ CVE-2020-6817 [Regular expression denial of service]
RESERVED
{DLA-2167-1}
- python-bleach 3.1.4-1 (bug #955388)
+ [buster] - python-bleach <no-dsa> (Minor issue; some regression potential)
+ [stretch] - python-bleach <no-dsa> (Minor issue; some regression potential)
NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
NOTE: https://github.com/mozilla/bleach/commit/d6018f2539d271963c3e7f54f36ef11900363c69
NOTE: https://github.com/mozilla/bleach/commit/6e74a5027b57055cdaeb040343d32934121392a7
+ NOTE: Regression report: https://github.com/mozilla/bleach/pull/530
CVE-2020-6815 (Mozilla developers reported memory safety and script safety bugs prese ...)
- firefox 74.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6815

© 2014-2020 Faster IT GmbH | imprint | privacy policy