You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa python-django

Sigurnosni nedostatak programskog paketa python-django

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4363-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
January 08, 2019 https://www.debian.org/security/faq
– ————————————————————————-

Package : python-django
CVE ID : CVE-2019-3498

It was discovered that malformed URLs could spoof the content of the
default 404 page of Django, a Python web development framework.

For the stable distribution (stretch), this problem has been fixed in
version 1:1.10.7-2+deb9u4.

We recommend that you upgrade your python-django packages.

For the detailed security status of python-django please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-django

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlw1J5wACgkQEMKTtsN8
TjaGFA/8D0IeHxZHwNCbqLyxKfMEiE5XzX6EYjuCazaCv3w2XDA9UC+uhitoDTgP
N7SJSl58VXmzl+F+M1ZPc9wkBcHRFaCOvxNlBCIWeE2MKMPP7+56V5iH/7aIkZU8
IngFwMTB1Fg7hEwfsEDrxvmDWea4Z8Ttf13MC0hIYXUp06nkqr1JVXIk1t3iDbwp
INKGFz1z7J5exV4v4leiyhMHYyHfdGQfN1Bdw0rSourFXHekyW91qaK6lp2XjAUt
bnt0uYj2/YcsLlPsI8JjBAQOiaO35w43saeEoHqs+NHOK5G5yyzqSZplhPkX/gyN
4UMfh2YA9idzt5o19HyF7pvMu/r/TF3l9Ar0v0IjZYmuWnNceXHFwClLcWbjF/0f
gBWdUYXNCIXnmCH9i210wGNlxEV4wKSEgnlLv+KYXWWLt9kE2NBioC1ASHKyNhn0
YEcAYOMjSJ8T4/MgGA+SkwshI9x5ijoxEePXQy7a/x9Mid4IXrEItO9Rf7K1jhIX
eHgHi4tkZ4Y+Eath7B+Xn6r3FDsgmKCJFuMjzLgrV1BKbEho/unJFhHY4TXDicCJ
38uIf1MvdbNwG5ZNb7l3JFMyOX7F2ocA4wuPCZTMXL6UM/AzB1My6o7FPMTs05kM
pmTQtQjSN8TQsFYnMQe6h4DTjwRb/xrHBAjzQ5l2aOxjZqs+Itc=
=LqXJ
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2019-01-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa source-to-image

Otkriven je sigurnosni nedostatak u programskom paketu source-to-image za operacijski sustav Red Hat. Otkriveni nedostatak potencijalnim napadačima omogućuje stjecanje uvećanih...

Close