[SECURITY] [DLA DLA-649-1] python-django security update

ID DEBIAN:DLA-649-1:44929
Type debian
Reporter Debian
Modified 2016-10-06T21:23:18


Package : python-django Version : 1.4.22-1+deb7u1 CVE ID : CVE-2016-7401

It was discovered that there was a possible CSRF protection bypass on sites that use Google Analytics in python-django, a High-level Python web development framework.

More information can be found in the upstream announcement:


For Debian 7 "Wheezy", this issue has been fixed in python-django version 1.4.22-1+deb7u1.

We recommend that you upgrade your python-django packages.


 : :'  :     Chris Lamb
 `. `'`      lamby@debian.org / chris-lamb.co.uk