FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

django -- multiple vulnerabilities

Affected packages
1.5 <= py26-django < 1.5.3
1.4 <= py26-django < 1.4.7
1.5 <= py27-django < 1.5.3
1.4 <= py27-django < 1.4.7
py26-django-devel < 20130912,1
py27-django-devel < 20130912,1

Details

VuXML ID a851b305-1bc3-11e3-95b7-00e0814cab4e
Discovery 2013-09-10
Entry 2013-09-12
Modified 2014-04-30

The Django project reports:

These releases address a directory-traversal vulnerability in one of Django's built-in template tags. While this issue requires some fairly specific factors to be exploitable, we encourage all users of Django to upgrade promptly.

References

CVE Name CVE-2013-4315
URL https://www.djangoproject.com/weblog/2013/sep/10/security-releases-issued/