openSUSE-SU-2018:2809-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2018:2809-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2018:2809-1
Related
Published
2018-08-16T18:44:03Z
Modified
2018-08-16T18:44:03Z
Summary
Security update for python-Django1
Details

This update for python-Django1 to version 1.11.15 fixes the following issues:

The following security vulnerability was fixed:

  • CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware (boo#1102680)

The following other bugs were fixed:

  • Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS 3.6.1+
  • Fixed a regression where altering a field with a unique constraint may drop and rebuild more foreign keys than necessary
  • Fixed crashes in django.contrib.admindocs when a view is a callable object, such as django.contrib.syndication.views.Feed
  • Fixed a regression where QuerySet.values() or values_list() after combining an annotated and unannotated queryset with union(), difference(), or intersection() crashed due to mismatching columns

This update was imported from the openSUSE:Leap:15.0:Update update project.

References

Affected packages

SUSE:Package Hub 15 / python-Django1

Package

Name
python-Django1
Purl
purl:rpm/suse/python-Django1&distro=SUSE%20Package%20Hub%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.15-bp150.3.3.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-Django1": "1.11.15-bp150.3.3.1"
        }
    ]
}