Backported fixes missing in advisory dataΒ #77
Description
The issue first showed up for PSF-2023-2 aka CVE-2023-27043 for me, but I suspect it may affect many more issues. For brevity I'll focus on this one.
The advisory data says it is fixed in python/cpython@4a153a1, i.e. 3.13.0. From looking around I can find e.g. python/cpython@ee953f2, which fixes the same thing in 3.9.20. This information is sadly not reflected in the above advisory file.
Even the NVD database meanwhile has versions for this one that look reasonable to me: https://nvd.nist.gov/vuln/detail/CVE-2023-27043