FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
cb116651-79db-4c09-93a2-c38f9df46724	django -- multiple vulnerabilities The Django project reports: Today the Django team released Django 1.10.3, Django 1.9.11, and 1.8.16. These releases addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible. User with hardcoded password created when running tests on Oracle DNS rebinding vulnerability when DEBUG=True Discovery 2016-11-01 Entry 2016-11-02 py27-django py33-django py34-django py35-django < 1.8.16 py27-django18 py33-django18 py34-django18 py35-django18 < 1.8.16 py27-django19 py33-django19 py34-django19 py35-django19 < 1.9.11 py27-django110 py33-django110 py34-django110 py35-django110 < 1.10.3 https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ CVE-2016-9013 CVE-2016-9014
dc880d6c-195d-11e7-8c63-0800277dcc69	django -- multiple vulnerabilities Django team reports: These release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible. Open redirect and possible XSS attack via user-supplied numeric redirect URLs Open redirect vulnerability in django.views.static.serve() Discovery 2017-04-04 Entry 2017-04-04 py27-django py33-django py34-django py35-django py36-django < 1.8.18 py27-django18 py33-django18 py34-django18 py35-django18 py36-django18 < 1.8.18 py27-django19 py33-django19 py34-django19 py35-django19 py36-django19 < 1.9.13 py27-django110 py33-django110 py34-django110 py35-django110 py36-django110 < 1.10.7 https://www.djangoproject.com/weblog/2017/apr/04/security-releases/ CVE-2017-7233 CVE-2017-7234

VuXML ID

Description

cb116651-79db-4c09-93a2-c38f9df46724

django -- multiple vulnerabilities

The Django project reports:

Today the Django team released Django 1.10.3, Django 1.9.11, and 1.8.16. These releases addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

User with hardcoded password created when running tests on Oracle

DNS rebinding vulnerability when DEBUG=True

Discovery 2016-11-01
Entry 2016-11-02
py27-django
py33-django
py34-django
py35-django

< 1.8.16

py27-django18
py33-django18
py34-django18
py35-django18

< 1.8.16

py27-django19
py33-django19
py34-django19
py35-django19

< 1.9.11

py27-django110
py33-django110
py34-django110
py35-django110

< 1.10.3

https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
CVE-2016-9013
CVE-2016-9014

dc880d6c-195d-11e7-8c63-0800277dcc69

django -- multiple vulnerabilities

Django team reports:

These release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

Open redirect and possible XSS attack via user-supplied numeric redirect URLs

Open redirect vulnerability in django.views.static.serve()

Discovery 2017-04-04
Entry 2017-04-04
py27-django
py33-django
py34-django
py35-django
py36-django

< 1.8.18

py27-django18
py33-django18
py34-django18
py35-django18
py36-django18

< 1.8.18

py27-django19
py33-django19
py34-django19
py35-django19
py36-django19

< 1.9.13

py27-django110
py33-django110
py34-django110
py35-django110
py36-django110

< 1.10.7

https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
CVE-2017-7233
CVE-2017-7234