|
|
Subscribe / Log in / New account

python-django: information disclosure

Package(s):python-django CVE #(s):CVE-2014-1418
Created:May 15, 2014 Updated:May 27, 2014
Description: From the Ubuntu advisory:

Stephen Stewart, Michael Nelson, Natalia Bidart and James Westby discovered that Django improperly removed Vary and Cache-Control headers from HTTP responses when replying to a request from an Internet Explorer or Chrome Frame client. An attacker may use this to retrieve private data or poison caches. This update removes workarounds for bugs in Internet Explorer 6 and 7. (CVE-2014-1418)

Alerts:
openSUSE openSUSE-SU-2014:1132-1 python-django 2014-09-16
Gentoo 201406-26 django 2014-06-26
Mandriva MDVSA-2014:113 python-django 2014-06-10
Fedora FEDORA-2014-6440 python-django15 2014-05-26
Fedora FEDORA-2014-6442 python-django14 2014-05-26
Fedora FEDORA-2014-6454 python-django 2014-05-26
Fedora FEDORA-2014-6449 python-django 2014-05-26
Mageia MGASA-2014-0231 python-django 2014-05-19
Debian DSA-2934-1 python-django 2014-05-19
Mandriva MDVSA-2014:112 python-django 2014-06-10
Ubuntu USN-2212-1 python-django 2014-05-14
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds