[Python-modules-team] Bug#905216: python-django: CVE-2018-14574: Open redirect possibility in CommonMiddleware
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 3 07:57:23 BST 2018
Hi Chris,
On Fri, Aug 03, 2018 at 07:24:20AM +0100, Chris Lamb wrote:
> [adding 874415 at bugs.debian.org to CC]
>
> Hi Salvatore,
>
> > > > There is as well a no-dsa tagged entry (CVE-2017-12794), which is only
> > > > relevant when "DEBUG = true". But as we do an update now via a DSA, we
> > > > can include this fix as well.
> > >
> > > That makes sense. Shall I go ahead and add this CVE-2017-12794 and send
> > > another debdiff?
> >
> > Yes please.
>
> Full diff attached. Please let me know if this is okay to upload.
Thanks! Looks good to me, please go ahead with the upload to
security-master.
Regards,
Salvatore
More information about the Python-modules-team
mailing list