Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2f4fc825 by Salvatore Bonaccorso at 2018-09-21T09:24:46Z
Update status for CVE-2018-1000802
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -323,10 +323,16 @@ CVE-2018-17155
CVE-2018-17154
RESERVED
CVE-2018-1000802 (Python Software Foundation Python (CPython) version 2.7
contains a ...)
+ - python3.7 <not-affected> (Fixed before initial upload)
+ - python3.6 <not-affected> (Fixed before initial upload)
+ - python3.5 <not-affected> (Fixed before initial upload)
+ - python3.4 <removed>
- python2.7 <unfixed>
NOTE: https://bugs.python.org/issue34540
NOTE:
https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace
- TODO: check, issue is possibly specific to 2.7 only, so not listing
here any other python source packages at the moment
+ NOTE: Later versions did remove _call_external_zip with
+ NOTE:
https://github.com/python/cpython/commit/a0934b2c1b939fdebee8dc18d49a0f6c52324773
+ NOTE: which used distutils.spawn.
CVE-2018-17153 (It was discovered that the Western Digital My Cloud device
through ...)
NOT-FOR-US: Western Digital My Cloud device
CVE-2018-17152
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f4fc8254a33731cf3ca6111d68ade3b85e8841f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f4fc8254a33731cf3ca6111d68ade3b85e8841f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
