SUSE-SU-2016:0044-1

Source
https://www.suse.com/support/update/announcement/2016/suse-su-20160044-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:0044-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2016:0044-1
Related
Published
2016-01-07T11:04:29Z
Modified
2016-01-07T11:04:29Z
Summary
Security update for python-Django
Details

This update fixes the following security issues:

  • (bnc#955412, CVE-2015-8213) Possible settings leak in date template filter

  • (bnc#937522, CVE-2015-5143) Possible denial-of-service in session store

  • (bnc#937523, CVE-2015-5144) Possible Header injection

  • (bnc#941587, CVE-2015-5963) Possible denial-of-service by filling session store via logout()

References

Affected packages

SUSE:Enterprise Storage 2 / python-Django

Package

Name
python-Django
Purl
pkg:rpm/suse/python-Django&distro=SUSE%20Enterprise%20Storage%202

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.11-3.1

Ecosystem specific

{
    "binaries": [
        {
            "python-Django": "1.6.11-3.1"
        }
    ]
}