[Git][security-tracker-team/security-tracker][master] Reference upstream commits directly for python-werkzeug issues

Tue, 13 Jun 2023 23:22:19 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a5434fb2 by Salvatore Bonaccorso at 2023-06-14T08:21:26+02:00
Reference upstream commits directly for python-werkzeug issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21125,7 +21125,9 @@ CVE-2023-25578 (Starlite is an Asynchronous Server 
Gateway Interface (ASGI) fram
 CVE-2023-25577 (Werkzeug is a comprehensive WSGI web application library. 
Prior to ver ...)
        {DLA-3346-1}
        - python-werkzeug 2.2.2-3 (bug #1031370)
-       NOTE: 
https://github.com/pallets/werkzeug/commit/517cac5a804e8c4dc4ed038bb20dacd038e7a9f1
 (2.2.3)
+       NOTE: 
https://github.com/pallets/werkzeug/commit/fe899d0cdf767a7289a8bf746b7f72c2907a1b4b
 (2.2.3)
+       NOTE: 
https://github.com/pallets/werkzeug/commit/09449ee77934a0c883f5959785864ecae6aaa2c9
 (2.2.3)
+       NOTE: 
https://github.com/pallets/werkzeug/commit/babc8d9e8c9fa995ef26050698bc9b5a92803664
 (2.2.3)
        NOTE: 
https://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323
 CVE-2023-25576 (@fastify/multipart is a Fastify plugin to parse the multipart 
content- ...)
        NOT-FOR-US: Fastify plugin
@@ -25763,7 +25765,7 @@ CVE-2023-23935 (Discourse is an open-source messaging 
platform. In versions 3.0.
 CVE-2023-23934 (Werkzeug is a comprehensive WSGI web application library. 
Browsers may ...)
        {DLA-3346-1}
        - python-werkzeug 2.2.2-3 (bug #1031370)
-       NOTE: 
https://github.com/pallets/werkzeug/commit/cf275f42acad1b5950c50ffe8ef58fe62cdce028
 (2.2.3)
+       NOTE: 
https://github.com/pallets/werkzeug/commit/8c2b4b82d0cade0d37e6a88e2cd2413878e8ebd4
 (2.2.3)
        NOTE: 
https://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q
 CVE-2023-23933 (OpenSearch Anomaly Detection identifies atypical data and 
receives aut ...)
        NOT-FOR-US: OpenSearch Anomaly Detection



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5434fb24bd17bb9a83df102c868a6226547b5db

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5434fb24bd17bb9a83df102c868a6226547b5db
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to