649748 – (CVE-2018-7536, CVE-2018-7537) <dev-python/django-1.11.5: security releases

Bug 649748 (CVE-2018-7536, CVE-2018-7537) - <dev-python/django-1.11.5: security releases

Summary: <dev-python/django-1.11.5: security releases

Status:	RESOLVED FIXED

Alias:	CVE-2018-7536, CVE-2018-7537

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor
Assignee:	Gentoo Security

URL:	http://www.openwall.com/lists/oss-sec...
Whiteboard:	B3 [noglsa cve]
Keywords:

Depends on:	CVE-2017-12794
Blocks:
	Show dependency tree

Reported:	2018-03-06 15:03 UTC by Agostino Sarubbo
Modified:	2018-08-05 22:54 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2018-03-06 15:03:51 UTC

From ${URL} :

Today the Django team issued Django 2.0.3, 1.11.11, and 1.8.19 as part
of our security process. These releases address two security issues,
and we encourage all users to upgrade as soon as possible:

https://www.djangoproject.com/weblog/2018/mar/06/security-releases/

As a reminder, we ask that potential security issues be reported via
private email to security@...ngoproject.com and not via Django's Trac
instance or the django-developers list. Please see
https://www.djangoproject.com/security for further information.


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.

Comment 1 Virgil Dupras (RETIRED) gentoo-dev

2018-07-17 15:23:36 UTC

When bug 630064 is resolved, this bug will be resolved as well.