svn commit: r418007 - head/security/vuxml
Jason Unovitch
junovitch at FreeBSD.org
Mon Jul 4 01:46:36 UTC 2016
Author: junovitch
Date: Mon Jul 4 01:46:35 2016
New Revision: 418007
URL: https://svnweb.freebsd.org/changeset/ports/418007
Log:
Add fixed entries for Python 2.7, 3.4, 3.5 for urllib vulnerability.
Reset 3.3 as unfixed.
PR: 210539
PR: 210541
Reported by: Vladimir Krstulja <vlad-fbsd at acheronmedia.com>
Security: CVE-2016-5699
Security: https://vuxml.FreeBSD.org/freebsd/a61374fc-3a4d-11e6-a671-60a44ce6887b.html
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 4 00:29:01 2016 (r418006)
+++ head/security/vuxml/vuln.xml Mon Jul 4 01:46:35 2016 (r418007)
@@ -603,8 +603,20 @@ Notes:
<topic>Python -- HTTP Header Injection in Python urllib</topic>
<affects>
<package>
+ <name>python27</name>
+ <range><lt>2.7.10</lt></range>
+ </package>
+ <package>
<name>python33</name>
- <range><lt>3.3.6</lt></range>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>python34</name>
+ <range><lt>3.4.4</lt></range>
+ </package>
+ <package>
+ <name>python35</name>
+ <range><lt>3.5.0</lt></range>
</package>
</affects>
<description>
@@ -626,6 +638,7 @@ Notes:
<dates>
<discovery>2014-11-24</discovery>
<entry>2016-06-30</entry>
+ <modified>2016-07-04</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list