Debian Security Advisory
DSA-4476-1 python-django -- security update
- Date Reported:
- 05 Jul 2019
- Affected Packages:
- python-django
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2019-6975, CVE-2019-12308, CVE-2019-12781.
- More information:
-
Three security issues were found in Django, a Python web development framework, which could result in denial of service, incomplete sanitisation of clickable links or missing redirects of HTTP requests to HTTPS.
For the stable distribution (stretch), these problems have been fixed in version 1:1.10.7-2+deb9u5.
We recommend that you upgrade your python-django packages.
For the detailed security status of python-django please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-django