FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

django -- multiple vulnerabilities

Affected packages
1.4 <= py27-django < 1.4.20
1.6 <= py27-django < 1.6.11
1.7 <= py27-django < 1.7.7
1.4 <= py32-django < 1.4.20
1.6 <= py32-django < 1.6.11
1.7 <= py32-django < 1.7.7
1.4 <= py33-django < 1.4.20
1.6 <= py33-django < 1.6.11
1.7 <= py33-django < 1.7.7
1.4 <= py34-django < 1.4.20
1.6 <= py34-django < 1.6.11
1.7 <= py34-django < 1.7.7
py27-django-devel < 20150326,1
py32-django-devel < 20150326,1
py33-django-devel < 20150326,1
py34-django-devel < 20150326,1

Details

VuXML ID 62287f51-d43d-11e4-879c-00e0814cab4e
Discovery 2015-03-18
Entry 2015-03-27

The Django project reports:

In accordance with our security release policy, the Django team is issuing multiple releases -- Django 1.4.20, 1.6.11, 1.7.7 and 1.8c1. These releases are now available on PyPI and our download page. These releases address several security issues detailed below. We encourage all users of Django to upgrade as soon as possible. The Django master branch has also been updated.

References

CVE Name CVE-2015-2316
CVE Name CVE-2015-2317
URL https://www.djangoproject.com/weblog/2015/mar/18/security-releases/