diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-04-08 14:45:06 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-04-08 14:45:06 +0200 |
commit | e51714b40f0a33c9fce2b04b780f965d21e66ecb (patch) | |
tree | d0a369ec51f5c1b7a7b5029bacccd87d4a3bfe6a | |
parent | a4f85a60ac44ea5b4c0ffd82a74c4f71c2425ee6 (diff) |
Mark CVE-2020-6817/python-bleach
The issue is minor (considering the DOS potential) and there is quite
some regression potenial with invasive fixes. Mark the issue no-dsa for
buster and stretch.
-rw-r--r-- | data/CVE/list.2020 | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index fe2f500166..8dc81a7b63 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -10460,10 +10460,13 @@ CVE-2020-6817 [Regular expression denial of service] RESERVED {DLA-2167-1} - python-bleach 3.1.4-1 (bug #955388) + [buster] - python-bleach <no-dsa> (Minor issue; some regression potential) + [stretch] - python-bleach <no-dsa> (Minor issue; some regression potential) NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1623633 NOTE: https://github.com/mozilla/bleach/commit/d6018f2539d271963c3e7f54f36ef11900363c69 NOTE: https://github.com/mozilla/bleach/commit/6e74a5027b57055cdaeb040343d32934121392a7 + NOTE: Regression report: https://github.com/mozilla/bleach/pull/530 CVE-2020-6815 (Mozilla developers reported memory safety and script safety bugs prese ...) - firefox 74.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6815 |