23 matches found
Debian: Security Advisory (DLA-301-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : python-django-1.8.7-1.fc22 (2015-323274d412)
Update to 1.8.7 , fixing CVE-2015-8213 rhbz1285278 ---- python- django-1.8.4-1.fc22 - Do not install bash completion for python executables Ville Skytta, rhbz1253076 - CVE-2015-5963 Denial-of-service possibility in logout view by filling session store rhbz1254911 - CVE-2015-5964 Denial- of-servic...
Fedora 23 : python-django-1.8.6-1.fc23 (2015-1dd5bc998f)
rebase to 1.8.6 rhbz1276914 ---- rebase to 1.8.5 rhbz1276914 ---- python-django-1.8.4-1.fc23 - Do not install bash completion for python executables Ville Skytta, rhbz1253076 - CVE-2015-5963 Denial-of-service possibility in logout view by filling session store rhbz1254911 - CVE-2015-5964...
Fedora Update for python-django FEDORA-2015-323274
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0327)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 10 package python3-module-django version 1.8.5-alt1
Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...
Security fix for the ALT Linux 9 package python3-module-django version 1.8.5-alt1
Oct. 13, 2015 Alexey Shabalin 1.8.5-alt1 - 1.8.5 - fixed CVE-2015-5143, CVE-2015-5144, CVE-2015-5145, CVE-2015-5964, CVE-2015-5963...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores...
Debian DLA-301-1 : python-django security update
denial of service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admin. This could allow a...
[SECURITY] [DLA 301-1] python-django security update
Package : python-django Version : 1.2.3-3+squeeze14 CVE ID : CVE-2015-5963 CVE-2015-5964 Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasnt decorated wi...
DLA-301-1 python-django - security update
Bulletin has no description...
CVE-2015-5963
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service session store consumption or session record removal via a large number of requests to...
CVE-2015-5963
CVE-2015-5963 describes a DoS in Django where contrib.sessions.middleware.SessionMiddleware may create an empty session record when anonymously hitting contrib.auth.views.logout, leading to session store consumption. Affected versions are Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, and 1.4.x ...
CVE-2015-5963
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service session store consumption or session record removal via a large number of requests to...
[USN-2720-1] Django vulnerability
========================================================================== Ubuntu Security Notice USN-2720-1 August 18, 2015 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Debian DSA-3338-1 : python-django - security update
Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted. Additionally the...
Ubuntu: Security Advisory (USN-2720-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : django -- multiple vulnerabilities (b0e54dc1-45d2-11e5-adde-14dae9d210b8)
Tim Graham reports : Denial-of-service possibility in logout view by filling session store Previously, a session could be created when anonymously accessing the django.contrib.auth.views.logout view provided it wasn't decorated with django.contrib.auth.decorators.loginrequired as done in the admi...