Summary: | <dev-python/django-1.9.2: User with "change" but not "add" permission can create objects for ModelAdmin’s with save_as=True | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/ | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2016-02-02 11:07:57 UTC
commit 4c3de656ba4120e42605f338f1a6c604b9a6b061 Author: Justin Lecher <jlec@gentoo.org> Date: Tue Feb 2 16:05:40 2016 +0100 dev-python/django: Version Bump & clean versions vulnerable for CVE-2016-2048 Package-Manager: portage-2.2.27 Signed-off-by: Justin Lecher <jlec@gentoo.org> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4c3de656ba4120e42605f338f1a6c604b9a6b061 @sec, tree is clean again. |