FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-20 14:15:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3c5579f7-294a-11e4-99f6-00e0814cab4e	django -- multiple vulnerabilities The Django project reports: These releases address an issue with reverse() generating external URLs; a denial of service involving file uploads; a potential session hijacking issue in the remote-user middleware; and a data leak in the administrative interface. We encourage all users of Django to upgrade as soon as possible. Discovery 2014-08-20 Entry 2014-08-21 py27-django >= 1.6 lt 1.6.6 py27-django15 >= 1.5 lt 1.5.9 py27-django14 >= 1.4 lt 1.4.14 py32-django >= 1.6 lt 1.6.6 py32-django15 >= 1.5 lt 1.5.9 py33-django >= 1.6 lt 1.6.6 py33-django15 >= 1.5 lt 1.5.9 py34-django >= 1.6 lt 1.6.6 py34-django15 >= 1.5 lt 1.5.9 py27-django-devel < 20140821,1 py32-django-devel < 20140821,1 py33-django-devel < 20140821,1 py34-django-devel < 20140821,1 https://www.djangoproject.com/weblog/2014/aug/20/security/ CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483
59e72db2-cae6-11e3-8420-00e0814cab4e	django -- multiple vulnerabilities The Django project reports: These releases address an unexpected code-execution issue, a caching issue which can expose CSRF tokens and a MySQL typecasting issue. While these issues present limited risk and may not affect all Django users, we encourage all users to evaluate their own risk and upgrade as soon as possible. Discovery 2014-04-21 Entry 2014-04-23 Modified 2014-04-30 py26-django >= 1.6 lt 1.6.3 py27-django >= 1.6 lt 1.6.3 py31-django >= 1.6 lt 1.6.3 py32-django >= 1.6 lt 1.6.3 py33-django >= 1.6 lt 1.6.3 py34-django >= 1.6 lt 1.6.3 py26-django15 >= 1.5 lt 1.5.6 py27-django15 >= 1.5 lt 1.5.6 py31-django15 >= 1.5 lt 1.5.6 py32-django15 >= 1.5 lt 1.5.6 py33-django15 >= 1.5 lt 1.5.6 py34-django15 >= 1.5 lt 1.5.6 py26-django14 >= 1.4 lt 1.4.11 py27-django14 >= 1.4 lt 1.4.11 py31-django14 >= 1.4 lt 1.4.11 py32-django14 >= 1.4 lt 1.4.11 py33-django14 >= 1.4 lt 1.4.11 py34-django14 >= 1.4 lt 1.4.11 py26-django-devel < 20140423,1 py27-django-devel < 20140423,1 https://www.djangoproject.com/weblog/2014/apr/21/security/ CVE-2014-0472 CVE-2014-0473 CVE-2014-0474

VuXML ID

Description

3c5579f7-294a-11e4-99f6-00e0814cab4e

django -- multiple vulnerabilities

The Django project reports:

These releases address an issue with reverse() generating external URLs; a denial of service involving file uploads; a potential session hijacking issue in the remote-user middleware; and a data leak in the administrative interface. We encourage all users of Django to upgrade as soon as possible.

Discovery 2014-08-20
Entry 2014-08-21
py27-django

>= 1.6 lt 1.6.6

py27-django15

>= 1.5 lt 1.5.9

py27-django14

>= 1.4 lt 1.4.14

py32-django

>= 1.6 lt 1.6.6

py32-django15

>= 1.5 lt 1.5.9

py33-django

>= 1.6 lt 1.6.6

py33-django15

>= 1.5 lt 1.5.9

py34-django

>= 1.6 lt 1.6.6

py34-django15

>= 1.5 lt 1.5.9

py27-django-devel

< 20140821,1

py32-django-devel

< 20140821,1

py33-django-devel

< 20140821,1

py34-django-devel

< 20140821,1

https://www.djangoproject.com/weblog/2014/aug/20/security/
CVE-2014-0480
CVE-2014-0481
CVE-2014-0482
CVE-2014-0483

59e72db2-cae6-11e3-8420-00e0814cab4e

django -- multiple vulnerabilities

The Django project reports:

These releases address an unexpected code-execution issue, a caching issue which can expose CSRF tokens and a MySQL typecasting issue. While these issues present limited risk and may not affect all Django users, we encourage all users to evaluate their own risk and upgrade as soon as possible.

Discovery 2014-04-21
Entry 2014-04-23
Modified 2014-04-30
py26-django

>= 1.6 lt 1.6.3

py27-django

>= 1.6 lt 1.6.3

py31-django

>= 1.6 lt 1.6.3

py32-django

>= 1.6 lt 1.6.3

py33-django

>= 1.6 lt 1.6.3

py34-django

>= 1.6 lt 1.6.3

py26-django15

>= 1.5 lt 1.5.6

py27-django15

>= 1.5 lt 1.5.6

py31-django15

>= 1.5 lt 1.5.6

py32-django15

>= 1.5 lt 1.5.6

py33-django15

>= 1.5 lt 1.5.6

py34-django15

>= 1.5 lt 1.5.6

py26-django14

>= 1.4 lt 1.4.11

py27-django14

>= 1.4 lt 1.4.11

py31-django14

>= 1.4 lt 1.4.11

py32-django14

>= 1.4 lt 1.4.11

py33-django14

>= 1.4 lt 1.4.11

py34-django14

>= 1.4 lt 1.4.11

py26-django-devel

< 20140423,1

py27-django-devel

< 20140423,1

https://www.djangoproject.com/weblog/2014/apr/21/security/
CVE-2014-0472
CVE-2014-0473
CVE-2014-0474