This update for python-Django fixes the following security issues:
CVE-2016-2512: The utils.http.issafeurl function allowed remote attackers
to redirect users to arbitrary web sites and conduct phishing attacks or
possibly conduct cross-site scripting (XSS) attacks via a URL containing basic
authentication (bsc#967999).
CVE-2018-7536: The django.utils.html.urlize() function was extremely slow to
evaluate certain inputs due to catastrophic backtracking vulnerabilities
(bsc#1083304).
CVE-2018-7537: If django.utils.text.Truncator's chars() and words() methods
were passed the html=True argument, they were extremely slow to evaluate
certain inputs due to a catastrophic backtracking vulnerability in a regular
expression (bsc#1083305).