[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: python-django and CVE-2016-9014

On 11/4/2016 4:34 AM, Guido Günther wrote:

> On Fri, Nov 04, 2016 at 10:32:43AM +0000, Chris Lamb wrote:
>> Guido Günther wrote:
>>> Isn't this also affected by a rebinding attack since we allow any host
>>> in debug mode?

You are correct, I am not sure what was registering when I looked at the
code. I won't be in a position to update the tracker till a little
later, but I will update it later if someone doesn't beat me to it.
Sorry for the confusion.

- Nicholas

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: