Bug 6162 - python-django missing update for multiple security issues
Summary: python-django missing update for multiple security issues
Status: RESOLVED INVALID
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 1
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact:
URL: http://lwn.net/Vulnerabilities/465027/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-05-29 23:03 CEST by David Walser
Modified: 2012-06-21 18:34 CEST (History)
2 users (show)

See Also:
Source RPM: python-django-1.3-1.mga1.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2012-05-29 23:03:45 CEST 
Advisories for these issues have been issued by Ubuntu, Debian, and SuSE:
http://www.ubuntu.com/usn/usn-1297-1/ (December 8)
http://www.debian.org/security/2011/dsa-2332 (October 29)
http://lists.opensuse.org/opensuse-updates/2012-05/msg00037.html (today)

CVEs are:
CVE-2011-4136
CVE-2011-4137
CVE-2011-4138
CVE-2011-4139
CVE-2011-4140

The solution is to upgrade to 1.3.1 (already available in Mageia 2).
David Walser 2012-06-14 21:04:45 CEST

CC: (none) => misc

David Walser 2012-06-19 03:14:57 CEST

CC: (none) => makowski.mageia

Comment 1 Philippe Makowski 2012-06-21 18:29:19 CEST 
1.3.1 is allready in Mageia 1 :
* lun. 12 sept. 2011 14:00:00 CEST misc <misc> 1.3.1-1.mga1
        
        + Revision: 142754
        - security update, fix several issues ( list on https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/ )


urpmq -f python-django
python-django-1.3-1.mga1.noarch|python-django-1.3.1-1.mga1.noarch|python-django-1.3-1.mga1.noarch|python-django-1.3.1-1.mga1.noarch
Comment 2 David Walser 2012-06-21 18:34:38 CEST 
Whoops, thanks Philippe.

Status: NEW => RESOLVED
Resolution: (none) => INVALID
Note You need to log in before you can comment on or make changes to this bug.