FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
59e72db2-cae6-11e3-8420-00e0814cab4edjango -- multiple vulnerabilities

The Django project reports:

These releases address an unexpected code-execution issue, a caching issue which can expose CSRF tokens and a MySQL typecasting issue. While these issues present limited risk and may not affect all Django users, we encourage all users to evaluate their own risk and upgrade as soon as possible.


Discovery 2014-04-21
Entry 2014-04-23
Modified 2014-04-30
py26-django
ge 1.6 lt 1.6.3

py27-django
ge 1.6 lt 1.6.3

py31-django
ge 1.6 lt 1.6.3

py32-django
ge 1.6 lt 1.6.3

py33-django
ge 1.6 lt 1.6.3

py34-django
ge 1.6 lt 1.6.3

py26-django15
ge 1.5 lt 1.5.6

py27-django15
ge 1.5 lt 1.5.6

py31-django15
ge 1.5 lt 1.5.6

py32-django15
ge 1.5 lt 1.5.6

py33-django15
ge 1.5 lt 1.5.6

py34-django15
ge 1.5 lt 1.5.6

py26-django14
ge 1.4 lt 1.4.11

py27-django14
ge 1.4 lt 1.4.11

py31-django14
ge 1.4 lt 1.4.11

py32-django14
ge 1.4 lt 1.4.11

py33-django14
ge 1.4 lt 1.4.11

py34-django14
ge 1.4 lt 1.4.11

py26-django-devel
lt 20140423,1

py27-django-devel
lt 20140423,1

https://www.djangoproject.com/weblog/2014/apr/21/security/
CVE-2014-0472
CVE-2014-0473
CVE-2014-0474
3c5579f7-294a-11e4-99f6-00e0814cab4edjango -- multiple vulnerabilities

The Django project reports:

These releases address an issue with reverse() generating external URLs; a denial of service involving file uploads; a potential session hijacking issue in the remote-user middleware; and a data leak in the administrative interface. We encourage all users of Django to upgrade as soon as possible.


Discovery 2014-08-20
Entry 2014-08-21
py27-django
ge 1.6 lt 1.6.6

py27-django15
ge 1.5 lt 1.5.9

py27-django14
ge 1.4 lt 1.4.14

py32-django
ge 1.6 lt 1.6.6

py32-django15
ge 1.5 lt 1.5.9

py33-django
ge 1.6 lt 1.6.6

py33-django15
ge 1.5 lt 1.5.9

py34-django
ge 1.6 lt 1.6.6

py34-django15
ge 1.5 lt 1.5.9

py27-django-devel
lt 20140821,1

py32-django-devel
lt 20140821,1

py33-django-devel
lt 20140821,1

py34-django-devel
lt 20140821,1

https://www.djangoproject.com/weblog/2014/aug/20/security/
CVE-2014-0480
CVE-2014-0481
CVE-2014-0482
CVE-2014-0483