drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Cross-Site Scripting in Django
Name: |
Cross-Site Scripting in Django |
|
ID: |
DSA-3622-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian jessie |
|
Datum: |
Di, 19. Juli 2016, 08:49 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186 |
|
Applikationen: |
Django |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-3622-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 18, 2016 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : python-django CVE ID : CVE-2016-6186
It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin's add/change related popup.
For the stable distribution (jessie), this problem has been fixed in version 1.7.7-1+deb8u5.
We recommend that you upgrade your python-django packages.
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJXjSyHAAoJEAVMuPMTQ89ESKkP+wTDvZVf9kX/fFhyRrxqOoZU WWt1MgVN0vpRCPGHXouOdCzjU5TqwfdtG2sgu2IPucF0q+lB2xxLMcDpyrPPPuK9 pq8hrk0ZkwCtthVeeorLaakNmu/PrzMZ1Bs7JbkbghES83/+KiMLjDXlwVewD28W 09D/SHwjaXUq94LJ2FNE2z+NnhRtJI47ASrHqLXHB+EmXsAgRRKSv6SqIs/e5uOa +Zdg5oPYw6JaRlKmY11O2G51Xo9pENBsSHiZDrC7YeSf7Nqt8i82/V1f2lHCnWak Yn9eiKT8+k6dqoIIvDGun1jQLGqFvL6IGMPsL094ZGgASE0ePGVFCxKcmCy7zGuB gThVAiJCAl8htRu9zoX1zp1cQ6J/Nh8KV5+OpCe+Be0ZdRqalX29Z1iryB1pkfzg aD+Z8AnaNdcdaV0QHtDLjL//mUseLnBTKaDaDWVbQpZJPD7CVMkGbsnyQrk1Cv5F V8GNloBtyHwD7I19DTEjq780hPvc//3O037WtpXIRdLpge2N6EUvuUYVJS4vHjPV MfGiIMbZnIZwtBfP0VMFswEo4mAVPWCAdgwSKYt6q417NgxMKdhyCX2ESXGSJK1t ZssFxOSZkYHUlW9jg6DHA5/vQZKIIUhDNzYnHaVrbyhpgtRBIEIuMYGBfNFleVLY O3zjiwqVzI9aXTQe00ep =qvZN -----END PGP SIGNATURE-----
|
|
|
|