data/CVE/list

@@ -700,13 +700,14 @@ CVE-2018-6377 (In Joomla! before 3.8.4, inadequate input filtering in com_fields
 CVE-2018-6376 (In Joomla! before 3.8.4, the lack of type casting of a variable in a ...)
 	NOT-FOR-US: Joomla!
 CVE-2018-1000030 [Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileobject.c]
-	- python3.7 <unfixed>
-	- python3.6 <unfixed>
-	- python3.5 <unfixed>
-	- python3.4 <removed>
-	- python3.2 <removed>
-	[wheezy] - python3.2 <not-affected> (Claimed to be safe and reproduction verifies that)
+	- python3.7 <not-affected> (Reading ahead of file objects implemented differently)
+	- python3.6 <not-affected> (Reading ahead of file objects implemented differently)
+	- python3.5 <not-affected> (Reading ahead of file objects implemented differently)
+	- python3.4 <not-affected> (Reading ahead of file objects implemented differently)
+	- python3.2 <not-affected> (Reading ahead of file objects implemented differently)
 	- python2.7 <unfixed>
+	[stretch] - python2.7 <no-dsa> (Minor issue)
+	[jessie] - python2.7 <no-dsa> (Minor issue)
 	- python2.6 <removed>
 	NOTE: Original report: https://bugs.python.org/issue31530
 	NOTE: https://bugs.python.org/file47157/0001-stop-crashes-when-iterating-over-a-file-on-multiple-.patch
@@ -719,7 +720,6 @@ CVE-2018-1000030 [Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileob
 	NOTE: https://bugs.python.org/msg309265
 	NOTE: where the 6401e56 commit was mostly reverted again.
 	NOTE: Needed: https://github.com/python/cpython/commit/dbf52e02f18dac6f5f0a64f78932f3dc6efc056b
-	TODO: check, although claimed that Python 3.x is implemented safely, some versions still segfault, thus need proper investigation.
 CVE-2018-1000029
 	RESERVED
 CVE-2018-1000026 [Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet]