21 matches found
openSUSE Security Update : python3-Django (openSUSE-2018-318)
This update for python3-Django to version 1.18.18 fixes multiple issues. Security issues fixed : - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters bsc1083304. -...
Security fix for the ALT Linux 9 package python3-module-django version 1.8.15-alt1
Oct. 24, 2016 Alexey Shabalin 1.8.15-alt1 - 1.8.15 - fixed CVE-2016-2512,CVE-2016-2513,CVE-2016-6186,CVE-2016-7401...
Security fix for the ALT Linux 10 package python3-module-django version 1.8.15-alt1
Oct. 24, 2016 Alexey Shabalin 1.8.15-alt1 - 1.8.15 - fixed CVE-2016-2512,CVE-2016-2513,CVE-2016-6186,CVE-2016-7401...
CVE-2016-2513
The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests...
CVE-2016-2513
CVE-2016-2513 affects Django prior to 1.8.10 and 1.9.x prior to 1.9.3, where the password hasher upgrade timing can enable remote user enumeration via login requests. Mitigations documented in various advisories include upgrading Django to a patched release (1.8.10+ or 1.9.3+). Exploitation detai...
Debian DSA-3544-1 : python-django - security update
Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-2512 Mark Striemer discovered that some user-supplied redirect URLs containing basic authentication...
[SECURITY] [DSA 3544-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3544-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3544-1] python-django security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3544-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 07, 2016 https://www.debian.org/security/faq -...
DSA-3544-1 python-django - security update
Bulletin has no description...
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Fedora 23 : python-django-1.8.11-1.fc23 (2016-11183ea08d)
fix regression in 1.8.10 ---- update to 1.8.10, fixing CVE-2016-2512, CVE-2016-2513 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora Update for python-django FEDORA-2016-11183
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : Django regression (USN-2915-3)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2915-3 advisory. USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by...
Ubuntu 14.04 LTS : Django regression (USN-2915-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2915-2 advisory. USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by...
Ubuntu: Security Advisory (USN-2915-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-2915-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2915-2: Django regression
USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by applying the complete upstream regression fix. Original advisory details: Mark Striemer discovered that Django incorrectly handled...
Updated python-django packages fix security vulnerability
Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. CVE-2016-2512 Sjoerd Job Postmus discovered that Djan...
Ubuntu: Security Advisory (USN-2915-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...