Commit 6a10b749 authored by Rhonda D'Vine's avatar Rhonda D'Vine 🏳🌈

BSA-088 python-django, BSA-090 xorg-server

parent 145a04dc
......@@ -85,6 +85,6 @@
085 roundcube
086 strongswan
087 openssh
088 python-django
090 xorg-server
[[!meta date="2013-12-09 20:55:11 UTC"]]
Dominic Hargreaves uploaded new packages for python-django which fixed the
following security problems:
Nick Brunn reported a possible cross-site scripting vulnerability in
python-django, a high-level Python web development framework.
The is_safe_url utility function used to validate that a used URL is on
the current host to avoid potentially dangerous redirects from
maliciously-constructed querystrings, worked as intended for HTTP and
HTTPS URLs, but permitted redirects to other schemes, such as
The is_safe_url function has been modified to properly recognize and
reject URLs which specify a scheme other than HTTP or HTTPS, to prevent
cross-site scripting attacks through redirecting to other schemes.
Rainer Koirikivi discovered a directory traversal vulnerability with
'ssi' template tags in python-django, a high-level Python web
development framework.
It was shown that the handling of the 'ALLOWED_INCLUDE_ROOTS' setting,
used to represent allowed prefixes for the {% ssi %} template tag, is
vulnerable to a directory traversal attack, by specifying a file path
which begins as the absolute path of a directory in
'ALLOWED_INCLUDE_ROOTS', and then uses relative paths to break free.
To exploit this vulnerability an attacker must be in a position to alter
templates on the site, or the site to be attacked must have one or more
templates making use of the 'ssi' tag, and must allow some form of
unsanitized user input to be used as an argument to the 'ssi' tag.
It was discovered that python-django, a high-level Python web
develompent framework, is prone to a denial of service vulnerability
via large passwords.
A non-authenticated remote attacker could mount a denial of service by
submitting arbitrarily large passwords, tying up server resources in
the expensive computation of the corresponding hashes to verify the
For the squeeze-backports distribution the problems have been fixed in
version 1.4.5-1+deb7u4~bpo60+1.
[[!meta date="2013-12-15 11:53:55 UTC"]]
intrigeri uploaded new packages for xorg-server which fixed the
following security problem:
Pedro Ribeiro discovered a use-after-free in the handling of
ImageText requests in the Xorg Xserver, which could result in denial
of service or privilege escalation.
For the squeeze-backports distribution, this problem has been fixed in
version 1.10.4-1~bpo60+2.
For the oldstable distribution (squeeze), this problem has been fixed
in version 1.7.7-17.
For the stable distribution (wheezy), this problem has been fixed in
version 1.12.4-6+deb7u1.
For the testing (jessie) and unstable (sid) distributions, this
problem has been fixed in version 1.14.3-4.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment