Oval Definition:
oval:org.cisecurity:def:195
Revision Date
:
2016-02-08
Version
:
2
Title
:
DSA-3338-1 -- python-django -- security update
Description
:
Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2015-5963
CVE-2015-5964
DSA-3338-1
Platform(s)
:
Debian 8
Debian GNU/kFreeBSD 7.0
Debian GNU/Linux 7.0
Product(s)
:
python-django
Definition Synopsis
Debian 7
Debian 7 is installed
AND
GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR
Debian GNU/kFreeBSD is installed
AND
python-django is earlier than 0:1.4.5-1+deb7u13
OR
Debian 8
Debian 8 is installed
AND
python-django is earlier than 0:1.7.7-1+deb8u2
BACK