Opened 7 months ago

Closed 7 months ago

Last modified 6 months ago

#35473 closed Bug (fixed)

Typo in historic security advisory

Reported by: Darakian Owned by: sammy20d
Component: Documentation Version: dev
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

Hey all,

Wanted to raise a very minor issue to you all. I work on the advisory database for github and had a user come and suggest an improvement on an old CVE from 2009 (CVE-2009-3965)
See: https://github.com/github/advisory-database/pull/4451

The CVE itself seemed entirely unrelated to me, but then a reference to some django docs was brought up
https://docs.djangoproject.com/en/3.2/releases/security/#october-9-2009-cve-2009-3965
which references the same CVE id.

I ended up doing some digging and I think what happened is that someone typoed on that doc and it should have been 3695 rather than 3965
See: https://nvd.nist.gov/vuln/detail/CVE-2009-3695
vs https://nvd.nist.gov/vuln/detail/CVE-2009-3965

Anyway, very minor issue but figured it would be good to report it all the same so that it can get updated :)

Change History (7)

comment:1 by sammy20d, 7 months ago

Owner: changed from nobody to sammy20d
Status: newassigned

comment:2 by Tim Graham, 7 months ago

Triage Stage: UnreviewedAccepted
Type: UncategorizedBug
Version: dev

comment:3 by Samruddhi Dharankar, 7 months ago

Hi, this is my first contribution. I have created a PR. Kindly lemme know if I missed anything!

comment:4 by Sarah Boyce, 7 months ago

Has patch: set

comment:5 by Sarah Boyce, 7 months ago

Triage Stage: AcceptedReady for checkin

comment:6 by Sarah Boyce <42296566+sarahboyce@…>, 7 months ago

Resolution: fixed
Status: assignedclosed

In 02dab94:

Fixed #35473 -- Fixed CVE number in security archive.

Updated to CVE-2009-3695 from CVE-2009-3965.

comment:7 by Sarah Boyce <42296566+sarahboyce@…>, 6 months ago

In fed3efda:

[5.1.x] Fixed #35473 -- Fixed CVE number in security archive.

Updated to CVE-2009-3695 from CVE-2009-3965.

Backport of 02dab94c7b8585c7ae3854465574d768e1df75d3 from main.

Note: See TracTickets for help on using tickets.
Back to Top