From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4363-1
[email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 08, 2019
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : python-django
CVE ID : CVE-2019-3498
It was discovered that malformed URLs could spoof the content of the
default 404 page of Django, a Python web development framework.
For the stable distribution (stretch), this problem has been fixed in
version 1:1.10.7-2+deb9u4.
We recommend that you upgrade your python-django packages.
For the detailed security status of python-django please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-django
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
[email protected]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlw1J5wACgkQEMKTtsN8 TjaGFA/8D0IeHxZHwNCbqLyxKfMEiE5XzX6EYjuCazaCv3w2XDA9UC+uhitoDTgP N7SJSl58VXmzl+F+M1ZPc9wkBcHRFaCOvxNlBCIWeE2MKMPP7+56V5iH/7aIkZU8 IngFwMTB1Fg7hEwfsEDrxvmDWea4Z8Ttf13MC0hIYXUp06nkqr1JVXIk1t3iDbwp INKGFz1z7J5exV4v4leiyhMHYyHfdGQfN1Bdw0rSourFXHekyW91qaK6lp2XjAUt bnt0uYj2/YcsLlPsI8JjBAQOiaO35w43saeEoHqs+NHOK5G5yyzqSZplhPkX/gyN 4UMfh2YA9idzt5o19HyF7pvMu/r/TF3l9Ar0v0IjZYmuWnNceXHFwClLcWbjF/0f gBWdUYXNCIXnmCH9i210wGNlxEV4wKSEgnlLv+KYXWWLt9kE2NBioC1ASHKyNhn0 YEcAYOMjSJ8T4/MgGA+SkwshI9x5ijoxEePXQy7a/x9Mid4IXrEItO9Rf7K1jhIX eHgHi4tkZ4Y+Eath7B+Xn6r3FDsgmKCJFuMjzLgrV1BKbEho/unJFhHY4TXDicCJ 38uIf1MvdbNwG5ZNb7l3JFMyOX7F2ocA4wuPCZTMXL6UM/AzB1My6o7FPMTs05kM pmTQtQjSN8TQsFYnMQe6h4DTjwRb/xrHBAjzQ5l2aOxjZqs+Itc=
=LqXJ
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)