Advisories » MGASA-2016-0282

Updated python-django packages fix security vulnerability

Publication date: 31 Aug 2016
Modification date: 31 Aug 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-6186

Description

It was discovered that Django is prone to a cross-site scripting
vulnerability in the admin's add/change related popup (CVE-2016-6186).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=18979
• https://www.djangoproject.com/weblog/2016/jul/18/security-releases/
• https://www.debian.org/security/2016/dsa-3622
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6186

SRPMS

5/core

• python-django-1.8.14-1.mga5