#35473: Typo in historic security advisory
-----------------------------------------+------------------------
Reporter: Darakian | Owner: nobody
Type: Uncategorized | Status: new
Component: Documentation | Version:
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 1
UI/UX: 0 |
-----------------------------------------+------------------------
Hey all,
Wanted to raise a very minor issue to you all. I work on the advisory
database for github and had a user come and suggest an improvement on an
old CVE from 2009 (CVE-2009-3965)
See: https://github.com/github/advisory-database/pull/4451
The CVE itself seemed entirely unrelated to me, but then a reference to
some django docs was brought up
https://docs.djangoproject.com/en/3.2/releases/security/#october-9-2009-cve-2009-3965
which references the same CVE id.
I ended up doing some digging and I think what happened is that someone
typoed on that doc and it should have been 3695 rather than 3965
See: https://nvd.nist.gov/vuln/detail/CVE-2009-3695
vs https://nvd.nist.gov/vuln/detail/CVE-2009-3965
Anyway, very minor issue but figured it would be good to report it all the
same so that it can get updated :)
--
Ticket URL: <https://code.djangoproject.com/ticket/35473>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/0107018fa162d30a-8763f8f4-e4d2-46f8-a1ae-0ec8e6c54931-000000%40eu-central-1.amazonses.com.
