Assign IDs

advisories/.id-allocator

@@ -1 +1 @@
-3bcec79ae1cebd5773e375bc2c552ecbd087ec67ef5f1de37b18cd269bb9f436
+ea06f8e20dfdd3b9b81d959c0f3ccd4f6392c0d0dcb0dfdba29bd131a80ff73f

advisories/python/PSF-0000-CVE-2023-6597.json → advisories/python/PSF-2024-1.json

@@ -1,21 +1,17 @@
 {
+  "modified": "2024-04-03T15:06:30Z",
+  "published": "2024-03-19T15:44:28Z",
   "schema_version": "1.5.0",
-  "id": "PSF-0000-CVE-2023-6597",
+  "id": "PSF-2024-1",
   "aliases": [
     "CVE-2023-6597"
   ],
-  "published": "2024-03-19T15:44:28.989Z",
-  "modified": "2024-04-03T15:06:30.430Z",
   "details": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.\n",
-  "database_specific": {
-    "cwe_ids": []
-  },
   "affected": [
     {
       "ranges": [
         {
           "type": "GIT",
-          "repo": "https://github.com/python/cpython",
           "events": [
             {
               "introduced": "0"
@@ -38,7 +34,8 @@
             {
               "fixed": "02a9259c717738dfe6b463c44d7e17f2b6d2cb3a"
             }
-          ]
+          ],
+          "repo": "https://github.com/python/cpython"
         }
       ]
     }
@@ -80,5 +77,8 @@
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html"
     }
-  ]
-}
+  ],
+  "database_specific": {
+    "cwe_ids": []
+  }
+}

advisories/python/PSF-0000-CVE-2024-0450.json → advisories/python/PSF-2024-2.json

@@ -1,21 +1,17 @@
 {
+  "modified": "2024-04-03T14:56:18Z",
+  "published": "2024-03-19T15:12:07Z",
   "schema_version": "1.5.0",
-  "id": "PSF-0000-CVE-2024-0450",
+  "id": "PSF-2024-2",
   "aliases": [
     "CVE-2024-0450"
   ],
-  "published": "2024-03-19T15:12:07.789Z",
-  "modified": "2024-04-03T14:56:18.250Z",
-  "details": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to \u201cquoted-overlap\u201d zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n",
-  "database_specific": {
-    "cwe_ids": []
-  },
+  "details": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n",
   "affected": [
     {
       "ranges": [
         {
           "type": "GIT",
-          "repo": "https://github.com/python/cpython",
           "events": [
             {
               "introduced": "0"
@@ -38,7 +34,8 @@
             {
               "fixed": "d05bac0b74153beb541b88b4fca33bf053990183"
             }
-          ]
+          ],
+          "repo": "https://github.com/python/cpython"
         }
       ]
     }
@@ -88,5 +85,8 @@
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00025.html"
     }
-  ]
-}
+  ],
+  "database_specific": {
+    "cwe_ids": []
+  }
+}