[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

November Report

This month I had 10 hours and I spent my 10 hours on the following

* Researched CVE-2016-9013 in python-django and found to be not worthy of
* Upload fixed version of python-django.
  * CVE-2016-9014: DNS rebinding vulnerability when DEBUG=True.
* Upload fixed version of lynx-cur.
  * CVE-2016-9179: invalid URL parsing with '?'.
* Research monit CVE-2016-7067 CSRF issue.
* Research asterisk. Ask if it is supported in Wheezy. Add links to upstream
  advisories in secure-testing.
Brian May <bam@debian.org>

Reply to: