[Python-modules-team] Bug#905216: python-django: CVE-2018-14574: Open redirect possibility in CommonMiddleware

Salvatore Bonaccorso carnil at debian.org
Fri Aug 3 07:57:23 BST 2018


Hi Chris,

On Fri, Aug 03, 2018 at 07:24:20AM +0100, Chris Lamb wrote:
> [adding 874415 at bugs.debian.org to CC]
> 
> Hi Salvatore,
> 
> > > > There is as well a no-dsa tagged entry (CVE-2017-12794), which is only
> > > > relevant when "DEBUG = true". But as we do an update now via a DSA, we
> > > > can include this fix as well.
> > > 
> > > That makes sense. Shall I go ahead and add this CVE-2017-12794 and send
> > > another debdiff?
> > 
> > Yes please.
> 
> Full diff attached. Please let me know if this is okay to upload.

Thanks! Looks good to me, please go ahead with the upload to
security-master.

Regards,
Salvatore



More information about the Python-modules-team mailing list