MDVSA-2012:181

Nom du paquet

python-django

Date

2012-12-19

Advisory ID

MDVSA-2012:181

Affected versions

MES5 i586 , 2011 i586 , MES5 x86_64 , 2011 x86_64

Problem description

Multiple host header poisoning flaws were found and fixed in Django.

The updated packages have been upgraded to the 1.3.5 version which
is not affected by these issues.

Updated packages

MES5 i586

 189cf7c0f128d3bdba9ebcad3c317e10  mes5/i586/python-django-1.3.5-0.1mdvmes5.2.noarch.rpm 
 718498666c96f72637c64344602e3663  mes5/SRPMS/python-django-1.3.5-0.1mdvmes5.2.src.rpm

2011 i586

 1c502f3e2bca8c21cd01cbb55392594d  2011/i586/python-django-1.3.5-0.1-mdv2011.0.noarch.rpm 
 95481c13bf091a954188e16c170225bc  2011/SRPMS/python-django-1.3.5-0.1.src.rpm

MES5 x86_64

 059b3d18852337460f6f628cbf5f0f58  mes5/x86_64/python-django-1.3.5-0.1mdvmes5.2.noarch.rpm 
 718498666c96f72637c64344602e3663  mes5/SRPMS/python-django-1.3.5-0.1mdvmes5.2.src.rpm

2011 x86_64

 a6019295075b390d2dfdd4c226fafc8f  2011/x86_64/python-django-1.3.5-0.1-mdv2011.0.noarch.rpm 
 95481c13bf091a954188e16c170225bc  2011/SRPMS/python-django-1.3.5-0.1.src.rpm

References

• https://www.djangoproject.com/weblog/2012/dec/10/security/
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4520
• https://www.djangoproject.com/weblog/2012/oct/17/security/