openSUSE Security Update: update for python-django ______________________________________________________________________________ Announcement ID: openSUSE-SU-2012:0653-1 Rating: moderate References: #718045 Cross-References: CVE-2011-4136 CVE-2011-4137 CVE-2011-4138 CVE-2011-4139 CVE-2011-4140 Affected Products: openSUSE 11.4 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: python-django update version to 1.2.7 fixes several security issues including denial of service, CSRF and information leaks: https://www.djangoproject.com/weblog/2011/sep/10/127/ Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.4: zypper in -t patch openSUSE-2012-294 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.4 (noarch): python-django-1.2.7-6.1 References: http://support.novell.com/security/cve/CVE-2011-4136.html http://support.novell.com/security/cve/CVE-2011-4137.html http://support.novell.com/security/cve/CVE-2011-4138.html http://support.novell.com/security/cve/CVE-2011-4139.html http://support.novell.com/security/cve/CVE-2011-4140.html https://bugzilla.novell.com/718045