-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-16440 2012-10-18 22:03:01 --------------------------------------------------------------------------------
Name : Django Product : Fedora 17 Version : 1.4.2 Release : 1.fc17 URL : http://www.djangoproject.com/ Summary : A high-level Python Web framework Description : Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle.
-------------------------------------------------------------------------------- Update Information:
Security releases issued - Host header poisoning -------------------------------------------------------------------------------- ChangeLog:
* Thu Oct 18 2012 Matthias Runge mrunge@redhat.com - 1.4.2-1 - security update to upstream version 1.4.2-1 https://www.djangoproject.com/weblog/2012/oct/17/security/ * Wed Aug 1 2012 Alan Pevec apevec@redhat.com 1.4.1-1 - security release https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/ fixes CVE-2012-3442 CVE-2012-3443 CVE-2012-3444 * Wed May 30 2012 Matthias Runge mrunge@matthias-runge.de - 1.4-3 - fix for FTBFS using python 2.7.3 (thanks to M.Cepl) * Sun Apr 1 2012 Matthias Runge mrunge@matthias-runge.de - 1.4-2 - include forgotten %bcond_with internet - fix language handling for el6 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #865164 - CVE-2012-4520 Django: Host header poisoning vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=865164 --------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use su -c 'yum update Django' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org