Update advisories from CVE records

psf · Aug 25, 2023 · 2b683cc · 2b683cc
1 parent 738010d
commit 2b683cc
Show file tree

Hide file tree

Showing 44 changed files with 216 additions and 164 deletions.
diff --git a/advisories/python/PSF-2012-4.json b/advisories/python/PSF-2012-4.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2021-07-31T07:06:47Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2012-07-03T19:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2012-4",
@@ -45,17 +45,17 @@
     "cwe_ids": []
   },
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
+    },
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue30694"
     },
     {
       "type": "WEB",
       "url": "https://github.com/libexpat/libexpat/blob/R_2_2_1/expat/Changes"
-    },
-    {
-      "type": "ADVISORY",
-      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
     }
   ]
 }
diff --git a/advisories/python/PSF-2012-5.json b/advisories/python/PSF-2012-5.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2020-01-21T21:06:15Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2012-10-05T21:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2012-5",
@@ -33,14 +33,14 @@
     "cwe_ids": []
   },
   "references": [
-    {
-      "type": "REPORT",
-      "url": "https://bugs.python.org/issue13703"
-    },
     {
       "type": "ADVISORY",
       "url": "http://www.ocert.org/advisories/ocert-2011-003.html"
     },
+    {
+      "type": "REPORT",
+      "url": "https://bugs.python.org/issue13703"
+    },
     {
       "type": "WEB",
       "url": "https://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html"

diff --git a/advisories/python/PSF-2013-3.json b/advisories/python/PSF-2013-3.json
@@ -35,4 +35,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2016-2.json b/advisories/python/PSF-2016-2.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2021-07-31T07:06:39Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2016-05-26T16:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2016-2",
@@ -57,6 +57,10 @@
     "cwe_ids": []
   },
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
+    },
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue29591"
@@ -73,10 +77,6 @@
       "type": "WEB",
       "url": "https://github.com/libexpat/libexpat/blob/R_2_2_1/expat/Changes"
     },
-    {
-      "type": "ADVISORY",
-      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
-    },
     {
       "type": "WEB",
       "url": "https://sourceforge.net/p/expat/bugs/537/"

diff --git a/advisories/python/PSF-2016-3.json b/advisories/python/PSF-2016-3.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2020-01-21T21:06:21Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2016-09-02T14:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2016-3",
@@ -36,13 +36,13 @@
     "cwe_ids": []
   },
   "references": [
-    {
-      "type": "WEB",
-      "url": "http://seclists.org/oss-sec/2016/q2/541"
-    },
     {
       "type": "ADVISORY",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0772"
+    },
+    {
+      "type": "WEB",
+      "url": "http://seclists.org/oss-sec/2016/q2/541"
     }
   ]
 }
diff --git a/advisories/python/PSF-2016-4.json b/advisories/python/PSF-2016-4.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2022-12-13T00:00:00Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2016-09-01T00:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2016-4",
@@ -36,17 +36,17 @@
     "cwe_ids": []
   },
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/"
+    },
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue27850"
     },
     {
       "type": "WEB",
       "url": "https://sweet32.info/"
-    },
-    {
-      "type": "ADVISORY",
-      "url": "https://www.openssl.org/blog/blog/2016/08/24/sweet32/"
     }
   ]
 }
diff --git a/advisories/python/PSF-2016-5.json b/advisories/python/PSF-2016-5.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2021-08-29T06:06:43Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2016-06-30T17:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2016-5",
@@ -39,17 +39,17 @@
     "cwe_ids": []
   },
   "references": [
-    {
-      "type": "REPORT",
-      "url": "https://bugs.python.org/issue44549"
-    },
     {
       "type": "ADVISORY",
       "url": "https://access.redhat.com/security/cve/cve-2016-3189"
     },
     {
       "type": "ADVISORY",
       "url": "https://access.redhat.com/security/cve/cve-2019-12900"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://bugs.python.org/issue44549"
     }
   ]
 }
diff --git a/advisories/python/PSF-2016-9.json b/advisories/python/PSF-2016-9.json
@@ -41,4 +41,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2017-1.json b/advisories/python/PSF-2017-1.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2018-01-04T19:57:01Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2017-08-24T20:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2017-1",
@@ -33,13 +33,13 @@
     "cwe_ids": []
   },
   "references": [
-    {
-      "type": "REPORT",
-      "url": "https://bugs.python.org/issue21529"
-    },
     {
       "type": "ADVISORY",
       "url": "https://access.redhat.com/security/cve/cve-2014-4616"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://bugs.python.org/issue21529"
     }
   ]
 }
diff --git a/advisories/python/PSF-2017-11.json b/advisories/python/PSF-2017-11.json
@@ -47,4 +47,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2017-7.json b/advisories/python/PSF-2017-7.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2021-06-29T14:06:56Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2017-07-25T20:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2017-7",
@@ -45,17 +45,17 @@
     "cwe_ids": []
   },
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
+    },
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue30694"
     },
     {
       "type": "WEB",
       "url": "https://github.com/libexpat/libexpat/blob/R_2_2_1/expat/Changes"
-    },
-    {
-      "type": "ADVISORY",
-      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
     }
   ]
 }
diff --git a/advisories/python/PSF-2017-8.json b/advisories/python/PSF-2017-8.json
@@ -47,4 +47,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2017-9.json b/advisories/python/PSF-2017-9.json
@@ -47,4 +47,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2018-1.json b/advisories/python/PSF-2018-1.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2018-06-12T09:57:01Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2018-06-11T21:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2018-1",
@@ -45,17 +45,17 @@
     "cwe_ids": []
   },
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
+    },
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue30694"
     },
     {
       "type": "WEB",
       "url": "https://github.com/libexpat/libexpat/blob/R_2_2_1/expat/Changes"
-    },
-    {
-      "type": "ADVISORY",
-      "url": "https://libexpat.github.io/doc/cve-2017-9233/"
     }
   ]
 }
diff --git a/advisories/python/PSF-2018-2.json b/advisories/python/PSF-2018-2.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2020-01-15T19:15:21Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2018-02-08T17:00:00Z",
   "schema_version": "1.5.0",
   "id": "PSF-2018-2",
@@ -30,13 +30,13 @@
     "cwe_ids": []
   },
   "references": [
-    {
-      "type": "REPORT",
-      "url": "https://bugs.python.org/issue31530"
-    },
     {
       "type": "ADVISORY",
       "url": "https://access.redhat.com/security/cve/cve-2018-1000030"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://bugs.python.org/issue31530"
     }
   ]
 }
diff --git a/advisories/python/PSF-2018-7.json b/advisories/python/PSF-2018-7.json
@@ -47,4 +47,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2018-8.json b/advisories/python/PSF-2018-8.json
@@ -38,4 +38,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}
diff --git a/advisories/python/PSF-2019-1.json b/advisories/python/PSF-2019-1.json
@@ -1,5 +1,5 @@
 {
-  "modified": "2019-06-03T19:04:24Z",
+  "modified": "2023-08-25T16:05:33Z",
   "published": "2019-06-03T19:04:24Z",
   "schema_version": "1.5.0",
   "id": "PSF-2019-1",
@@ -60,6 +60,10 @@
     "cwe_ids": []
   },
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://access.redhat.com/security/cve/cve-2013-1752"
+    },
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue16038"
@@ -83,10 +87,6 @@
     {
       "type": "REPORT",
       "url": "https://bugs.python.org/issue6791"
-    },
-    {
-      "type": "ADVISORY",
-      "url": "https://access.redhat.com/security/cve/cve-2013-1752"
     }
   ]
 }
diff --git a/advisories/python/PSF-2019-13.json b/advisories/python/PSF-2019-13.json
@@ -4,7 +4,7 @@
   "schema_version": "1.5.0",
   "id": "PSF-2019-13",
   "summary": "ssl.match_hostname() ignores extra string after whitespace in IPv4 address",
-  "details": "``inet_aton()`` accepts trailing characters after a valid IP.  Because of\nthat, Python ``ssl.match_hostname('1.1.1.1 ; this should not work but does')``\nsucceeded when it should fail.\n\nThe issue was introduced in `bpo-32819\n\u003chttps://bugs.python.org/issue32819\u003e`_ by `commit aef1283b\n\u003chttps://github.com/python/cpython/commit/aef1283ba428e33397d87cee3c54a5110861552d\u003e`_.\nOnly Python 3.7 and newer are affected. It's a potential security bug\nalthough **low severity**. For one Python 3.7 and newer **no longer use**\n``ssl.match_hostname()`` to verify hostnames and IP addresses of a\ncertificate: **matching is performed by OpenSSL**.\n\nIt should not possible to register a x509 certificate with a hostname with\nspaces.\n\nThe glibc function ``inet_aton()`` accepts input as valid if said input is\na IPv4 address followed by zero or more characters that are valid\nwhite-space as decided by ``isspace()``, with the rest of the string after\nthe first white-space being ignored. As ``'\\r'`` is a valid white-space\ncharacter the rest of the string is ignored (including the ``'\\r'``). See\n`glibc bug 24111: Deprecate inet_addr, inet_aton\n\u003chttps://sourceware.org/bugzilla/show_bug.cgi?id=24111\u003e`_.\n",
+  "details": "``inet_aton()`` accepts trailing characters after a valid IP.  Because of\nthat, Python ``ssl.match_hostname('1.1.1.1 ; this should not work but does')``\nsucceeded when it should fail.\n\nThe issue was introduced in `bpo-32819\n<https://bugs.python.org/issue32819>`_ by `commit aef1283b\n<https://github.com/python/cpython/commit/aef1283ba428e33397d87cee3c54a5110861552d>`_.\nOnly Python 3.7 and newer are affected. It's a potential security bug\nalthough **low severity**. For one Python 3.7 and newer **no longer use**\n``ssl.match_hostname()`` to verify hostnames and IP addresses of a\ncertificate: **matching is performed by OpenSSL**.\n\nIt should not possible to register a x509 certificate with a hostname with\nspaces.\n\nThe glibc function ``inet_aton()`` accepts input as valid if said input is\na IPv4 address followed by zero or more characters that are valid\nwhite-space as decided by ``isspace()``, with the rest of the string after\nthe first white-space being ignored. As ``'\\r'`` is a valid white-space\ncharacter the rest of the string is ignored (including the ``'\\r'``). See\n`glibc bug 24111: Deprecate inet_addr, inet_aton\n<https://sourceware.org/bugzilla/show_bug.cgi?id=24111>`_.\n",
   "affected": [
     {
       "ranges": [
@@ -38,4 +38,4 @@
   "database_specific": {
     "cwe_ids": []
   }
-}
+}