Home | Docs | Forums | Lists | Bugs | Planet | Store | GMN | Get Gentoo!
Not eligible to see or edit group visibility for this bug.
View Bug Activity | Format For Printing | XML | Clone This Bug
Description: Some vulnerabilities have been reported in Django, which can be exploited by malicious users to bypass certain security restrictions or malicious people to compromise a vulnerable system. 1) The bin/compile-messages.py script does not correctly escape the filename of .po message files. This can be exploited to execute arbitrary shell commands via a maliciously named .po file. 2) The authentication middleware incorrectly caches the "request.user" parameter between requests, which could be exploited to e.g. access pages as another user. The vulnerabilities are reported in version 0.95. Other versions may also be affected. Solution: Fixed in the SVN repository. http://code.djangoproject.com/changeset/3592 http://code.djangoproject.com/changeset/3754 Reproducible: Didn't try http://code.djangoproject.com/ticket/2702 http://code.djangoproject.com/changeset/3592 http://code.djangoproject.com/changeset/3754
Fixed with the revision bump from 0.95 to 0.95-r1: Patches from Debian added as stated in the Changelog. Thanks for reporting!
Django upstream released 0.95.1 and I've added that into portage as well.
closing without GLSA/stable marking, since django has not been marked stable on any arch thanks Tiziano/Seemant
