summaryrefslogtreecommitdiffstats
path: root/data
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2020-07-08 21:21:09 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2020-07-08 21:21:09 +0200
commit519745f71dfd6ee7321349f938a5be953d676f49 (patch)
tree3c2123acb4c4a45a36f035be783b88f9ec813c14 /data
parenta1ba09b22deedf46bf8861eeb4de35f746bab416 (diff)
Add source package tracking for python3.4 and mark as removed
This is not fully correct, but the situation can not be otherwise sensibly constructed. Initially python3.4 was in all suites not affected as the incomplete fix not applied (and when fixing CVE-2019-9636 applying the full fix sould have been done if possible). As noted in the previous commit though in jessie specifically the CVE was introduced. Hope reviewers of this commit agree, otherwise we can rediscuss how to best mark it.
Diffstat (limited to 'data')
-rw-r--r--data/CVE/list1
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 49bc8ceac9..1e4e71829b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -68252,6 +68252,7 @@ CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python
[buster] - python3.7 3.7.3-2+deb10u1
- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
+ - python3.4 <removed>
- python2.7 2.7.16-3
[buster] - python2.7 2.7.16-2+deb10u1
[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)

© 2014-2024 Faster IT GmbH | imprint | privacy policy