DSA-3835-1 python-django - security update

Bulletin has no description...

DSA-3544-1 python-django - security update

Bulletin has no description...

MGASA-2016-0096 Updated python-django packages fix security vulnerability

Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. CVE-2016-2512 Sjoerd Job Postmus discovered that Djan...

SUSE-SU-2016:0040-1 Security update for python-Django

This update for python-Django fixes the following issues: - Prevent settings leak in date template filter. bsc955412, CVE-2015-8213...

MGASA-2015-0463 Updated python-django packages fix security vulnerability

If an application allows users to specify an unvalidated format for dates and passes this format to the date filter, then a malicious user could obtain any secret in the application's settings by specifying a settings key instead of a date format CVE-2015-8213...

SUSE-SU-2015:0694-1 Security update for python-Django

python-Django has been updated to fix two vulnerabilities: URLs starting with control characters could have allowed XSS cross-site-scripting attacks via user-supplied redirect URLs CVE-2015-2317 An infinite loop possibility could be triggered in the striptags function, which allowed denial of...

openSUSE Security Update : python-django (openSUSE-SU-2014:1132-1)

Python Django was updated to fix security issues and bugs. Update to version 1.4.15 on openSUSE 12.3 : + Prevented reverse from generating URLs pointing to other hosts to prevent phishing attacks bnc893087, CVE-2014-0480 + Removed On algorithm when uploading duplicate file names to fix file uploa...