Reserve DLA-3024-1 for python-django

author: Chris Lamb <lamby@debian.org> 2022-05-26 11:47:59 +0100
committer: Chris Lamb <lamby@debian.org> 2022-05-26 11:47:59 +0100
commit: 2aeb4d9250242cf1408ecb0ddb013976b7f88cf3 (patch)
tree: 03b24c6bb45dfc6ce0c7be5bbced06125fb85a38 /data
parent: d94414a05112bd783f53d423456d8d34c217f58d (diff)
2 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 69d04d9697..c6fa86d0f8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -157927,7 +157927,6 @@ CVE-2020-9403 (In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are
 CVE-2020-9402 (Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 al ...)
 	- python-django 2:2.2.11-1 (low; bug #953102)
 	[buster] - python-django 1:1.11.29-1~deb10u1
-	[stretch] - python-django <postponed> (Can be fixed along in a future DSA)
 	[jessie] - python-django <not-affected> (Vulnerable code introduced later)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/04/1
 	NOTE: Introduced by: https://github.com/django/django/commit/fcf494b48fea7c0c55ea29721ba0b2d250351ff8
diff --git a/data/DLA/list b/data/DLA/list
index ceeeca6f19..5f7fdcf53e 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[26 May 2022] DLA-3024-1 python-django - security update
+	{CVE-2020-9402}
+	[stretch] - python-django 1:1.10.7-2+deb9u17
 [26 May 2022] DLA-3023-1 puma - security update
 	{CVE-2019-16770 CVE-2020-5247 CVE-2022-23634}
 	[stretch] - puma 3.6.0-1+deb9u2
author	Chris Lamb <lamby@debian.org>	2022-05-26 11:47:59 +0100
committer	Chris Lamb <lamby@debian.org>	2022-05-26 11:47:59 +0100
commit	2aeb4d9250242cf1408ecb0ddb013976b7f88cf3 (patch)
tree	03b24c6bb45dfc6ce0c7be5bbced06125fb85a38 /data
parent	d94414a05112bd783f53d423456d8d34c217f58d (diff)