Track upstream commits and fixes for CVE-2021-28861

author: Salvatore Bonaccorso <carnil@debian.org> 2022-09-24 14:30:01 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-09-24 14:30:01 +0200
commit: e4d1679a5964cbd16e4ba23f94fc9d4bd3a2f489 (patch)
tree: 7ad8c396d17106742494341f1b40a543030ace32 /data/CVE/list
parent: 9126ff5a4ce3c313feda559c62047b83e66f42bd (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 3736fcefc8..3fda6555b1 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -104449,7 +104449,17 @@ CVE-2021-28863
 CVE-2021-28862
 	RESERVED
 CVE-2021-28861 (** DISPUTED ** Python 3.x through 3.10 has an open redirection vulnera ...)
-	NOT-FOR-US: Disputed Python issue
+	- python3.11 3.11.0~b4-1 (unimportant)
+	- python3.10 3.10.6-1 (unimportant)
+	- python3.9 <unfixed> (unimportant)
+	- python3.7 <removed> (unimportant)
+	NOTE: https://bugs.python.org/issue43223
+	NOTE: https://github.com/python/cpython/pull/93879
+	NOTE: https://github.com/python/cpython/commit/e2e8847bf52f4a81490653c6d13b7e3821b2c2be (v3.11.0b4)
+	NOTE: https://github.com/python/cpython/commit/5715382d3a89ca118ce2e224d8c69550d21fe51b (v3.10.6)
+	NOTE: https://github.com/python/cpython/commit/defaa2b19a9a01c79c1d5641a8aa179bb10ead3f (v3.9.14)
+	NOTE: https://github.com/python/cpython/commit/4dc2cae3abd75f386374d0635d00443b897d0672 (v3.8.14)
+	NOTE: https://github.com/python/cpython/commit/8a34afd55258c721e446d6de4a70353c39a24148 (v3.7.14)
 CVE-2021-28860 (In Node.js mixme, prior to v0.5.1, an attacker can add or alter proper ...)
 	NOT-FOR-US: Node mixme
 CVE-2021-28859
author	Salvatore Bonaccorso <carnil@debian.org>	2022-09-24 14:30:01 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-09-24 14:30:01 +0200
commit	e4d1679a5964cbd16e4ba23f94fc9d4bd3a2f489 (patch)
tree	7ad8c396d17106742494341f1b40a543030ace32 /data/CVE/list
parent	9126ff5a4ce3c313feda559c62047b83e66f42bd (diff)