mirror of
https://git.busybox.net/buildroot.git
synced 2024-12-11 14:23:52 +08:00
23ed2cf2dc
Fixes: CVE-2015-0219 - incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. CVE-2015-0220 - incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. CVE-2015-0221 - incorrectly handled reading files in django.views.static.serve(). A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service. CVE-2015-0222 - incorrectly handled forms with ModelMultipleChoiceField. A remote attacker could possibly use this issue to cause a large number of SQL queries, resulting in a database denial of service. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
3 lines
168 B
Plaintext
3 lines
168 B
Plaintext
# sha256 from https://www.djangoproject.com/m/pgp/Django-1.7.3.checksum.txt
|
|
sha256 f226fb8aa438456968d403f6739de1cf2dad128db86f66ee2b41dfebe3645c5b Django-1.7.3.tar.gz
|