summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnton Gladky <gladk@debian.org>2022-02-12 13:26:02 +0100
committerAnton Gladky <gladk@debian.org>2022-02-12 13:26:02 +0100
commit267aa88eeb8019fd83beffd44eecce27914f48c3 (patch)
tree92d9e0334c48f6f063ba022b3e6af83c7071c5f1
parent5d9573b580a4dc002b79bba014724e911fb399aa (diff)
Reserve DLA-2919-1 for python2.7
-rw-r--r--data/CVE/list.20212
-rw-r--r--data/DLA/list3
-rw-r--r--data/dla-needed.txt4
3 files changed, 3 insertions, 6 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 19c38d422c..4c2c6e0da6 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1960,7 +1960,6 @@ CVE-2021-4189 [ftplib should not use the host from the PASV response]
- python2.7 <unfixed>
[bullseye] - python2.7 <ignored> (Python 2.7 in Bullseye not covered by security support)
[buster] - python2.7 <no-dsa> (Minor issue)
- [stretch] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue43285
NOTE: https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
NOTE: https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
@@ -52872,7 +52871,6 @@ CVE-2021-3177 (Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in
- python3.5 <removed>
- python2.7 2.7.18-2
[buster] - python2.7 <no-dsa> (Minor issue)
- [stretch] - python2.7 <no-dsa> (Minor issue)
NOTE: https://bugs.python.org/issue42938
NOTE: https://github.com/python/cpython/pull/24239
NOTE: https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html
diff --git a/data/DLA/list b/data/DLA/list
index 31bea6108f..4651738e76 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[12 Feb 2022] DLA-2919-1 python2.7 - security update
+ {CVE-2021-3177 CVE-2021-4189}
+ [stretch] - python2.7 2.7.13-2+deb9u6
[12 Feb 2022] DLA-2918-1 debian-edu-config - security update
{CVE-2021-20001}
[stretch] - debian-edu-config 1.929+deb9u5
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 888faae564..257737324f 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -64,10 +64,6 @@ pgbouncer (Emilio)
pjproject (Abhijith PA)
NOTE: 20211230: patch available for the no-dsa issue, check its NOTE (pochu)
--
-python2.7 (Anton)
- NOTE: 20220112: 3 postponed CVEs (Beuc)
- NOTE: 20220206: WIP https://salsa.debian.org/lts-team/packages/python2.7/ (Anton)
---
samba
NOTE: 20211128: WIP https://salsa.debian.org/lts-team/packages/samba/
NOTE: 20211212: Fix is too large, coordination with ELTS-upload (anton)

© 2014-2024 Faster IT GmbH | imprint | privacy policy