Updated python-django packages fix security vulnerabilities
Publication date: 14 Mar 2018Modification date: 14 Mar 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-7536 , CVE-2018-7537
Description
The python-django package has been updated to fix 2 security issues. CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc template filters. CVE-2018-7537: Denial-of-service possibility in truncatechars_html and truncatewords_html template filters.
References
- https://bugs.mageia.org/show_bug.cgi?id=22727
- https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
- https://security-tracker.debian.org/tracker/CVE-2018-7536
- https://security-tracker.debian.org/tracker/CVE-2018-7537
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7536
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7537
SRPMS
6/core
- python-django-1.8.19-1.mga6