19 matches found
RHEL 7 : python-django (RHSA-2016:0129)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0129 advisory. Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Operational Tools. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Fedora 22 : python-django-1.8.7-1.fc22 (2015-323274d412)
Update to 1.8.7 , fixing CVE-2015-8213 rhbz1285278 ---- python- django-1.8.4-1.fc22 - Do not install bash completion for python executables Ville Skytta, rhbz1253076 - CVE-2015-5963 Denial-of-service possibility in logout view by filling session store rhbz1254911 - CVE-2015-5964 Denial- of-servic...
Fedora 23 : python-django-1.8.7-1.fc23 (2015-a8c8f60fbd)
This update fixes CVE-2015-8213: Fixed settings leak possibility in date template filter, more info can be found https://www.djangoproject.com/weblog/2015/nov/24/security-releases-iss ued/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 7.0. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...
Moderate: Red Hat Security Advisory: python-django security update
Updated python-django packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Fedora Update for python-django FEDORA-2015-323274
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2015:2327-1 Security update for python-Django
This update for python-Django fixes the following issues: - Add 0004-1.6.x-fixed-a-settings-leak-possibility-in-the-date-.patch to prevent settings leak in date template filter bsc955412, CVE-2015-8213...
openSUSE Security Update : python-django (openSUSE-2015-860)
The python-django package was updated to fix the following security issue : - CVE-2015-8213: Fixed a problem to prevent settings leak in date template filter bnc955412 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Mageia: Security Advisory (MGASA-2015-0463)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2015-8213
The getformat function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRETKEY...
CVE-2015-8213
CVE-2015-8213 affects Django: get_format in utils/formats.py could expose sensitive settings (e.g., SECRET_KEY) when a format is taken from a settings key instead of a date/time format. Affected versions: Django 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2. Impact is informati...
Updated python-django packages fix security vulnerability
If an application allows users to specify an unvalidated format for dates and passes this format to the date filter, then a malicious user could obtain any secret in the application's settings by specifying a settings key instead of a date format CVE-2015-8213...
Security fix for the ALT Linux 9 package python3-module-django version 1.8.7-alt1
Nov. 27, 2015 Alexey Shabalin 1.8.7-alt1 - 1.8.7 - fixed CVE-2015-8213...
[SECURITY] [DLA 349-1] python-django security update
Package : python-django Version : 1.2.3-3+squeeze15 CVE ID : CVE-2015-8213 It was discovered that there was a potential settings leak in date template filter of Django, a web-development framework. If an application allows users to specify an unvalidated format for dates and passes this format to...
[SECURITY] [DSA 3404-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3404-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2015 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3404-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3404-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2015 https://www.debian.org/security/faq -...