openSUSE Security Update: update for python-django ______________________________________________________________________________
Announcement ID: openSUSE-SU-2012:0653-1 Rating: moderate References: #718045 Cross-References: CVE-2011-4136 CVE-2011-4137 CVE-2011-4138 CVE-2011-4139 CVE-2011-4140 Affected Products: openSUSE 11.4 ______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
python-django update version to 1.2.7 fixes several security issues including denial of service, CSRF and information leaks: https://www.djangoproject.com/weblog/2011/sep/10/127/
Patch Instructions:
To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 11.4:
zypper in -t patch openSUSE-2012-294
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 11.4 (noarch):
python-django-1.2.7-6.1
References:
http://support.novell.com/security/cve/CVE-2011-4136.html http://support.novell.com/security/cve/CVE-2011-4137.html http://support.novell.com/security/cve/CVE-2011-4138.html http://support.novell.com/security/cve/CVE-2011-4139.html http://support.novell.com/security/cve/CVE-2011-4140.html https://bugzilla.novell.com/718045