1173 matches found
USN-2816-1: Django vulnerability
Ryan Butterfield discovered that Django incorrectly handled the date template filter. A remote attacker could possibly use this issue to obtain secrets from application settings...
Debian: Security Advisory (DSA-3404-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : python-Django (openSUSE-2015-677)
python-django was updated to fix two security issues. These security issues were fixed : - CVE-2015-5144: Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 used an incorrect regular expression, which allowed remote attackers to inject arbitrary headers and...
openSUSE Security Update : python-django (openSUSE-2015-674)
python-django was updated to fix two security issues. These security issues were fixed : - CVE-2015-5144: Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 used an incorrect regular expression, which allowed remote attackers to inject arbitrary headers and...
SUSE-SU-2015:1810-1 Security update for python-Django
This update for python-Django fixes the following security issues: - Prevent Denial-of-service possibility by filling session store. bsc937522, CVE-2015-5143 - Prevent Header injection possibility. bsc937523, CVE-2015-5144 - A remote denial of service resource exhaustion attack against the django...
SUSE-SU-2015:1815-1 Security update for python-Django
This update for python-Django fixes the following security issues: - Prevent Denial-of-service possibility by filling session store. bsc937522, CVE-2015-5143 - Prevent Header injection possibility. bsc937523, CVE-2015-5144 - A remote denial of service resource exhaustion attack against the django...
Mageia: Security Advisory (MGASA-2015-0293)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2015-0327)
The remote host is missing an update for the...
openSUSE Security Update : python-django (openSUSE-2015-598)
python Django was updated to fix a remote denial of service resource exhaustion possibility in the auth views module. bsc941587, CVE-2015-5963 Also is_safe_url was made to reject URLs that start with control characters to mitigate possible XSS attack via user-supplied redirect URLs bnc923176,...
openSUSE Security Update : python-Django (openSUSE-2015-592)
python Django was updated to fix a remote denial of service resource exhaustion possibility in the auth views module. bsc941587, CVE-2015-5963...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores...
Debian DLA-301-1 : python-django security update
Denial of service possibility in logout view by filling session store. Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.login_required as done in the admin. This could allow a...
[SECURITY] [DLA 301-1] python-django security update
Package : python-django Version : 1.2.3-3+squeeze14 CVE ID : CVE-2015-5963 CVE-2015-5964 Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated wi...
python-django, python2-django: denial of service
Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.login_required as done in the admin. This could allow an attacker to easily create many new session records by sending repeat...
Debian DSA-3338-1 : python-django - security update
Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted. Additionally the...
Ubuntu: Security Advisory (USN-2720-1)
The remote host is missing an update for the...
[SECURITY] [DSA 3338-1] python-django security update
Debian Security Advisory DSA-3338-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini August 18, 2015 https://www.debian.org/security/faq...
Debian Security Advisory DSA 3338-1 (python-django - security update)
Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users...
DSA-3338-1 python-django - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3338-1)
The remote host is missing an update for the Debian...