author Salvatore Bonaccorso <carnil@debian.org> 2020-04-08 14:45:06 +0200
committer Salvatore Bonaccorso <carnil@debian.org> 2020-04-08 14:45:06 +0200
commit e51714b40f0a33c9fce2b04b780f965d21e66ecb (patch)
tree d0a369ec51f5c1b7a7b5029bacccd87d4a3bfe6a
parent a4f85a60ac44ea5b4c0ffd82a74c4f71c2425ee6 (diff)
Mark CVE-2020-6817/python-bleach
The issue is minor (considering the DOS potential) and there is quite some regression potential with invasive fixes. Mark the issue no-dsa for buster and stretch.
-rw-r--r-- data/CVE/list.2020 3
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index fe2f500166..8dc81a7b63 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -10460,10 +10460,13 @@ CVE-2020-6817 [Regular expression denial of service]
RESERVED
{DLA-2167-1}
- python-bleach 3.1.4-1 (bug #955388)
+ [buster] - python-bleach <no-dsa> (Minor issue; some regression potential)
+ [stretch] - python-bleach <no-dsa> (Minor issue; some regression potential)
NOTE: https://github.com/mozilla/bleach/security/advisories/GHSA-vqhp-cxgc-6wmm
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1623633
NOTE: https://github.com/mozilla/bleach/commit/d6018f2539d271963c3e7f54f36ef11900363c69
NOTE: https://github.com/mozilla/bleach/commit/6e74a5027b57055cdaeb040343d32934121392a7
+ NOTE: Regression report: https://github.com/mozilla/bleach/pull/530
CVE-2020-6815 (Mozilla developers reported memory safety and script safety bugs prese ...)
- firefox 74.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2020-6815
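Review bot: The added NOTE at the end of the CVE-2020-6817 entry calls https://github.com/mozilla/bleach/pull/530 a "Regression report", but the link is a pull request, and the line does not say which of the two upstream commits listed above it causes the regression. Both new <no-dsa> lines for buster and stretch give "some regression potential" as the reason, so this NOTE is the only evidence for the decision. Naming the offending commit, and whether the pull is the report or the proposed fix, would let someone revisiting the no-dsa status judge whether a backport has become safe. The entry also carries {DLA-2167-1}, so it is worth confirming that the update shipped under that advisory is not affected by the same regression.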
