Summary: | <dev-python/django-{1.1.4,1.2.5}: Multiple vulnerabilities (CVE-2011-{0696,0697}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Arfrever Frehtes Taifersar Arahesis (RETIRED) <arfrever> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | python |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.djangoproject.com/weblog/2011/feb/08/security/ | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Arfrever Frehtes Taifersar Arahesis (RETIRED)
2011-02-09 04:38:41 UTC
Stabilize dev-python/django-1.2.5. amd64 ok Per http://www.openwall.com/lists/oss-security/2011/02/09/6 the following CVEs have been assigned. CVE-2011-0696 django Flaw in CSRF handling CVE-2011-0697 django Potential XSS in file field rendering CVE-2011-0698 django Directory-traversal vulnerability on Windows Not including CVE-2011-0698 since it doesn't apply to us. x86 stable amd64 done. Thanks Agostino Thanks, folks. Closing noglsa for XSS+CSRF. Please reopen if you disagree. |