[Python-modules-team] Bug#918230: python-django: CVE-2019-3498: Content spoofing possibility in the default 404 page
Moritz Muehlenhoff
jmm at inutil.org
Fri Jan 4 18:08:34 GMT 2019
On Fri, Jan 04, 2019 at 07:00:19PM +0100, Chris Lamb wrote:
> found 918230 1:1.10.7-2+deb9u3
> thanks
>
> [Adding team at security.debian.org to CC]
>
> Hi Salvatore,
>
> > Source: python-django
> > Version: 1:1.11.17-2
> [..]
> > CVE-2019-3498[0]:
> > Content spoofing possibility in the default 404 page
>
> This also affects stable from my reading of the code. Shall I
> prepare an upload to stretch-security?
>
> (I'm preparing one for unstable, experimental and oldstable anyway,
> so...)
Please do.
Cheers,
Moritz
More information about the Python-modules-team
mailing list