diff options
| author | Sébastien Delafond <seb@debian.org> | 2020-06-18 10:34:36 +0200 |
|---|---|---|
| committer | Sébastien Delafond <sdelafond@gmail.com> | 2020-06-18 10:34:36 +0200 |
| commit | 4618747b3e5f613e4daaae15caccea6e5eecbbd2 (patch) | |
| tree | e098b96f1ffd0438743d015750fe76c5e584da29 /data | |
| parent | 32597bd42698ab9aeecaee4757befb884399ad22 (diff) | |
Reserve DSA-4705-1 for python-django
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 2 | ||||
| -rw-r--r-- | data/DSA/list | 4 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 3 |
3 files changed, 5 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4ccd7b7171..a4078186ae 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -13569,7 +13569,7 @@ CVE-2020-9403 RESERVED CVE-2020-9402 (Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 al ...) - python-django 2:2.2.11-1 (low; bug #953102) - [buster] - python-django <postponed> (Can be fixed along in a future DSA) + [buster] - python-django 1:1.11.29-1~deb10u1 [stretch] - python-django <postponed> (Can be fixed along in a future DSA) [jessie] - python-django <not-affected> (Vulnerable code introduced later) NOTE: https://www.openwall.com/lists/oss-security/2020/03/04/1 diff --git a/data/DSA/list b/data/DSA/list index 613260d81a..2e833c030e 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[18 Jun 2020] DSA-4705-1 python-django - security update + {CVE-2020-13254 CVE-2020-13596} + [stretch] - python-django 1:1.10.7-2+deb9u9 + [buster] - python-django 1:1.11.29-1~deb10u1 [16 Jun 2020] DSA-4704-1 vlc - security update {CVE-2020-13428} [stretch] - vlc 3.0.11-0+deb9u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index f3ced3f4ea..f396a32338 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -41,9 +41,6 @@ php7.3/stable -- poppler (jmm) -- -python-django (seb) - Regression needs to be adressed as well: https://code.djangoproject.com/ticket/31654#comment:14 --- rails Sylvain Beucler proposed to help for the update -- |