14 matches found
Fedora Update for python-django FEDORA-2014-9791
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-django FEDORA-2014-5562
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix two security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora Update for python-django FEDORA-2013-16901
Check for the Version of python-django OpenVAS Vulnerability Test Fedora Update for python-django FEDORA-2013-16901 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for python-django14 FEDORA-2013-16899
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-django FEDORA-2013-16901
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : python-django14-1.4.8-1.fc19 (2013-16899)
fix CVE-2013-1443 DoS via large passwords Fix for CVE-2013-4315 SSI include issue Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Updated python-django package fixes multiple vulnerabilities
Updated python-django package fixes security vulnerabilities: Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to...
Updated python-django package fixes security vulnerability
Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used to represent allowed prefixes for the % ssi % template tag, is...
CVE-2013-4315
Django Directory Traversal (CVE-2013-4315) affects Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3. A remote attacker can read arbitrary files via an ALLOWED_INCLUDE_ROOTS path ending in .. in an SSI template tag. Root cause: improper sanitization of file paths in SSI h...
Django "ssi"模板标签目录遍历漏洞(CVE-2013-4315)
BUGTRAQ ID: 62332 CVECAN ID: CVE-2013-4315 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django 1.4.7、1.5.3之前版本在处理"ssi"标签时没有在template/defaulttags.py内正确验证ALLOWEDINCLUDEROOTS设置,即用于读取文件,远程攻击者通过目录遍历序列利用此漏洞可获取敏感信息。 0 Django 1.5.x Django 1.4.x 厂商补丁: Django ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Django 目录遍历序列(CVE-2013-4315)
BUGTRAQ ID: 62332 CVECAN ID: CVE-2013-4315 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django在ssi模板标签的实现上存在目录遍历漏洞,攻击者可利用此漏洞获取敏感信息。 0 Django 1.4.x 厂商补丁: Django ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.djangoproject.com/...
Mandriva Linux Security Advisory : python-django (MDVSA-2013:234)
A vulnerability has been discovered and corrected in python-django : Rainer Koirikivi discovered a directory traversal vulnerability with 'ssi' template tags in python-django, a high-level Python web development framework. It was shown that the handling of the 'ALLOWEDINCLUDEROOTS' setting, used ...
[SECURITY] [DSA 2755-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2755-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso September 11, 2013 http://www.debian.org/security/faq -...