cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
928311206f
openbsd-ports/www/py-django
History
sthen 195eaac041 SECURITY update; py-Django 1.4.5 
https://www.djangoproject.com/weblog/2013/feb/19/security/

- Host header poisoning: an attacker could cause Django to generate
and display URLs that link to arbitrary domains.

- Formset denial-of-service: an attacker can abuse Django's tracking
of the number of forms in a formset to cause a denial-of-service attack.

- XML attacks: Django's serialization framework was vulnerable to
attacks via XML entity expansion and external references.

- Data leakage via admin history log: Django's admin interface could
expose supposedly-hidden information via its history log.
2013-03-02 12:47:49 +00:00
..
patches Update django to 1.4, ok Ryan Boggs (maintainer). 2012-05-10 20:04:48 +00:00
pkg SECURITY update; py-Django 1.4.5 2013-03-02 12:47:49 +00:00
distinfo SECURITY update; py-Django 1.4.5 2013-03-02 12:47:49 +00:00
Makefile SECURITY update; py-Django 1.4.5 2013-03-02 12:47:49 +00:00