diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-31 16:46:51 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-31 16:46:51 +0200 |
commit | 82babf9fe317f5c3addc519ad8bf9244960f4622 (patch) | |
tree | 92077bc9a4c758495816d9a9bc004366cd361e08 /data | |
parent | 29acaca7987b203f21717713d2145c8a84f52853 (diff) |
Track fixes for python-markdown2 in 10.5
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | data/next-point-update.txt | 2 |
2 files changed, 1 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list index 3ae164e591..9503caaeee 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -11268,7 +11268,7 @@ CVE-2020-11889 (An issue was discovered in Joomla! before 3.9.17. Incorrect ACL NOT-FOR-US: Joomla! CVE-2020-11888 (python-markdown2 through 2.3.8 allows XSS because element names are mi ...) - python-markdown2 2.3.9-1 (bug #959445) - [buster] - python-markdown2 <no-dsa> (Minor issue) + [buster] - python-markdown2 2.3.7-2+deb10u1 NOTE: https://github.com/trentm/python-markdown2/issues/348 CVE-2020-11887 (svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an ...) NOT-FOR-US: svg2png diff --git a/data/next-point-update.txt b/data/next-point-update.txt index 5f015faba2..7812f24358 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -1,5 +1,3 @@ -CVE-2020-11888 - [buster] - python-markdown2 2.3.7-2+deb10u1 CVE-2020-10543 [buster] - perl 5.28.1-6+deb10u1 CVE-2020-10878 |