[Python-modules-team] Bug#918230: python-django: CVE-2019-3498: Content spoofing possibility in the default 404 page

Salvatore Bonaccorso carnil at debian.org
Fri Jan 4 14:58:02 GMT 2019

Source: python-django
Version: 1:1.11.17-2
Severity: grave
Tags: patch security upstream
Justification: user security hole
Control: found -1 2:2.1.4-2


The following vulnerability was published for python-django.

Content spoofing possibility in the default 404 page

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-3498
[1] https://www.djangoproject.com/weblog/2019/jan/04/security-releases/

Please adjust the affected versions in the BTS as needed.


More information about the Python-modules-team mailing list