Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Fedora 22 Update: python-django 1.8.7 DoS Threat Resolution

fedora
Calendar Grey December 31, 2015
Dist Fedora Esm H88
Updates for python-django in Fedora 22 resolve significant DoS vulnerabilities and enhance session management.
Update to 1.8.7 , fixing CVE-2015-8213 (rhbz#1285278) ---- python- django-1.8.4-1.fc22 - Do not install bash completion for python executables (Ville Skyttä, rhbz#1253076) - CV...

Summary

Django is a high-level Python Web framework that encourages rapid

development and a clean, pragmatic design. It focuses on automating as

much as possible and adhering to the DRY (Don't Repeat Yourself)

principle.

Update Information:

Update to 1.8.7 , fixing CVE-2015-8213 (rhbz#1285278) ---- python- django-1.8.4-1.fc22 - Do not install bash completion for python executables (Ville Skyttä, rhbz#1253076) - CVE-2015-5963 Denial-of-service possibility in logout() view by filling session store (rhbz#1254911) - CVE-2015-5964 Denial- of-service possibility in logout() view by filling session store (rhbz#1252891) python-django-1.8.4-1.fc23 - Do not install bash completion for python executables (Ville Skyttä, rhbz#1253076) - CVE-2015-5963 Denial-of-service possibility in logout() view by filling session store (rhbz#1254911) - CVE-2015-5964 Denial-of-service possibility in logout() view by filling session store (rhbz#1252891)

Change Log

References


[ 1 ] Bug #1285278 - CVE-2015-8213 python-django: Information leak through date template filter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1285278

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update python-django' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python-django
Product: Fedora 22
Version: 1.8.7
Release: 1.fc22
Summary: A high-level Python Web framework

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here