15 matches found
django-admin-caching (>=0.1.0 <=0.1.2), django-automated-logging (=0.0.1a0) +6 more potentially affected by CVE-2016-9013 via django (>=1.10.0 <=1.10.2)
django PYPI version =1.10.0, =0.1.0, =2.0.0, =0.1.0, =0.3.1, =0.4.0 - silent-auction =0.1.3 - teamvault =0.6.1 Source cves: CVE-2016-9013 Source advisory: OSV:GHSA-MV8G-FHH6-6267...
openSUSE Security Update : python3-Django (openSUSE-2018-318)
This update for python3-Django to version 1.18.18 fixes multiple issues. Security issues fixed : - CVE-2018-7537: Fixed catastrophic backtracking in django.utils.text.Truncator. bsc1083305 - CVE-2018-7536: Fixed catastrophic backtracking in urlize and urlizetrunc template filters bsc1083304. -...
Debian DSA-3835-1 : python-django - security update
Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-9013 Marti Raudsepp reported that a user with a hard-coded password is created when running tests with ...
[SECURITY] [DSA 3835-1] python-django security update
Debian Security Advisory DSA-3835-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 26, 2017 https://www.debian.org/security/faq -...
Security fix for the ALT Linux 9 package python3-module-django version 1.8.17-alt1
Feb. 2, 2017 Alexey Shabalin 1.8.17-alt1 - 1.8.17 - fixed CVE-2016-9013, CVE-2016-9014...
Security fix for the ALT Linux 10 package python3-module-django version 1.8.17-alt1
Feb. 2, 2017 Alexey Shabalin 1.8.17-alt1 - 1.8.17 - fixed CVE-2016-9013, CVE-2016-9014...
ALPINE-CVE-2016-9013
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
CVE-2016-9013
CVE-2016-9013 affects Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3. Root cause: Django creates a temporary database user during Oracle tests and, if a password is not manually set in the TEST settings, a hardcoded password is used; this can allow remote DB access. CVE...
Fedora Update for python-django FEDORA-2016-d4571bf555
The remote host is missing an update for the...
Fedora Update for python-django FEDORA-2016-3eb5a55123
The remote host is missing an update for the...
Fedora 25 : python-django (2016-d4571bf555)
Security fix for CVE-2016-9013, CVE-2016-9014 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
[ASA-201611-15] python-django: multiple issues
Arch Linux Security Advisory ASA-201611-15 ========================================== Severity: High Date : 2016-11-16 CVE-ID : CVE-2016-9013 CVE-2016-9014 Package : python-django Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
[ASA-201611-14] python2-django: multiple issues
Arch Linux Security Advisory ASA-201611-14 ========================================== Severity: High Date : 2016-11-16 CVE-ID : CVE-2016-9013 CVE-2016-9014 Package : python2-django Type : multiple issues Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package...
Fedora 24 : python-django (2016-3eb5a55123)
Security fix for CVE-2016-9013, CVE-2016-9014 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Updated python-django packages fix security vulnerabilities
User with hardcoded password created when running tests on Oracle When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...