[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA DLA-649-1] python-django security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : python-django
Version        : 1.4.22-1+deb7u1
CVE ID         : CVE-2016-7401

It was discovered that there was a possible CSRF protection bypass on sites
that use Google Analytics in python-django, a High-level Python web
development framework.

More information can be found in the upstream announcement:

   https://www.djangoproject.com/weblog/2016/sep/26/security-releases/

For Debian 7 "Wheezy", this issue has been fixed in python-django version
1.4.22-1+deb7u1.

We recommend that you upgrade your python-django packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJX9sCkAAoJEB6VPifUMR5Y/NkP/3pn6GIrzDur8U8jMGEpsrCL
Rx0iCzsPte80mRW7c5FQhqYtEFq5LKikjIoGeMeshUKck6vdXiI34TXhgvI8lvWi
NBtqcfSZptPsNnsXg3FrTgQ90DkExmnETDovGkBL00aXSXX4SV2bWrW9hiXIrQjt
URjr3mlp8Y18Liecmrcp7JAHIaO2G0YgUaoscIt/qDPPcw+grUYOyYk3IqpbMr88
HlgcSVlhTMCumSBKqF5/UdAq6N+orFN7exxmTquL/QridNrkP4nk9CAxuGcVed7P
DkeKyqM1+8LKb+X4HU0gL72WQHLpFmpV8MqFwThRi1lQJ3Zrq5Y4Sdgjxdk7e1Am
UVzs3m/iQ0G3h1jXfolT6lbA2WeJ9PCy4/RtiMYcjkAa/4AA9YqhLeAGsgZmFHPU
KryM0bVqVrIwqFu9pq0BB2g8DCeD1E+Bee31PBAfvpT7mJyx1bQ2lCS95yhvQMXk
yrfuWYelqBntC+XNN2dInILdsszv4621gEZJ1vo3zyhAJuanXRTowZRI2Ee2EkPu
kGG6lXKOQ45e7Ka1ER34l/uBRI9QmciGyFe4hlCVxJSTjtIRrjkvbPZRAZR/1Jtz
nPbJq1d13E8BegIBJi15oT5plFbPujXeifLO6JY8XyBjzvl1i0n6Rufbe1uw3rF6
uIUUTsL+0X6hiPVpcYUH
=hBTW
-----END PGP SIGNATURE-----
Reply to: