[SECURITY] [DLA DLA-649-1] python-django security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : python-django
Version : 1.4.22-1+deb7u1
CVE ID : CVE-2016-7401
It was discovered that there was a possible CSRF protection bypass on sites
that use Google Analytics in python-django, a High-level Python web
development framework.
More information can be found in the upstream announcement:
https://www.djangoproject.com/weblog/2016/sep/26/security-releases/
For Debian 7 "Wheezy", this issue has been fixed in python-django version
1.4.22-1+deb7u1.
We recommend that you upgrade your python-django packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJX9sCkAAoJEB6VPifUMR5Y/NkP/3pn6GIrzDur8U8jMGEpsrCL
Rx0iCzsPte80mRW7c5FQhqYtEFq5LKikjIoGeMeshUKck6vdXiI34TXhgvI8lvWi
NBtqcfSZptPsNnsXg3FrTgQ90DkExmnETDovGkBL00aXSXX4SV2bWrW9hiXIrQjt
URjr3mlp8Y18Liecmrcp7JAHIaO2G0YgUaoscIt/qDPPcw+grUYOyYk3IqpbMr88
HlgcSVlhTMCumSBKqF5/UdAq6N+orFN7exxmTquL/QridNrkP4nk9CAxuGcVed7P
DkeKyqM1+8LKb+X4HU0gL72WQHLpFmpV8MqFwThRi1lQJ3Zrq5Y4Sdgjxdk7e1Am
UVzs3m/iQ0G3h1jXfolT6lbA2WeJ9PCy4/RtiMYcjkAa/4AA9YqhLeAGsgZmFHPU
KryM0bVqVrIwqFu9pq0BB2g8DCeD1E+Bee31PBAfvpT7mJyx1bQ2lCS95yhvQMXk
yrfuWYelqBntC+XNN2dInILdsszv4621gEZJ1vo3zyhAJuanXRTowZRI2Ee2EkPu
kGG6lXKOQ45e7Ka1ER34l/uBRI9QmciGyFe4hlCVxJSTjtIRrjkvbPZRAZR/1Jtz
nPbJq1d13E8BegIBJi15oT5plFbPujXeifLO6JY8XyBjzvl1i0n6Rufbe1uw3rF6
uIUUTsL+0X6hiPVpcYUH
=hBTW
-----END PGP SIGNATURE-----
Reply to: