Mandriva Linux Security Advisory 2014-112 - Multiple vulnerabilities has been discovered and corrected in Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the Cache-Control header in responses, which allows remote attackers to obtain sensitive information or poison the cache via a request from certain browsers. Various other issues were also addressed. The updated packages have been patched to correct these issues.
f520b2a1af54463c5702534c185216ba941c354cf4597245c36aca5f2c74ab96-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2014:112
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : python-django
Date : June 10, 2014
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in
python-django:
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7
before 1.7b4 does not properly include the (1) Vary: Cookie or (2)
Cache-Control header in responses, which allows remote attackers to
obtain sensitive information or poison the cache via a request from
certain browsers (CVE-2014-1418).
The django.util.http.is_safe_url function in Django 1.4 before
1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4
does not properly validate URLs, which allows remote attackers to
conduct open redirect attacks via a malformed URL, as demonstrated
by http:\djangoproject.com. (CVE-2014-3730).
The django.core.urlresolvers.reverse function in Django before 1.4.11,
1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta
2 allows remote attackers to import and execute arbitrary Python
modules by leveraging a view that constructs URLs using user input
and a dotted Python path. (CVE-2014-0472).
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6,
1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached
CSRF token for all anonymous users, which allows remote attackers to
bypass CSRF protections by reading the CSRF cookie for anonymous users
(CVE-2014-0473).
The (1) FilePathField, (2) GenericIPAddressField, and (3)
IPAddressField model field classes in Django before 1.4.11,
1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta
2 do not properly perform type conversion, which allows remote
attackers to have unspecified impact and vectors, related to MySQL
typecasting. (CVE-2014-0474).
The updated packages have been patched to correct these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474
_______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5:
56dc2f984f2f82fc8000a6823eaa8413 mes5/i586/python-django-1.3.7-0.3mdvmes5.2.noarch.rpm
3395a6fca97c935c2d98d2d32cad9e14 mes5/SRPMS/python-django-1.3.7-0.3mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
1f6993703a66e4a050d922dce76ceb8c mes5/x86_64/python-django-1.3.7-0.3mdvmes5.2.noarch.rpm
3395a6fca97c935c2d98d2d32cad9e14 mes5/SRPMS/python-django-1.3.7-0.3mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFTlqxJmqjQ0CJFipgRAoppAJ48r1tyBrsBhwBC3ksnlYFApJXCBACgu/4Z
80F66i8fmTHg+g8N4aIuWyA=
=DOsW
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed