FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  509659
Date:      2019-08-23
Time:      21:16:52Z
Committer: kai

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
cb116651-79db-4c09-93a2-c38f9df46724django -- multiple vulnerabilities

The Django project reports:

Today the Django team released Django 1.10.3, Django 1.9.11, and 1.8.16. These releases addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

  • User with hardcoded password created when running tests on Oracle
  • DNS rebinding vulnerability when DEBUG=True

Discovery 2016-11-01
Entry 2016-11-02
py27-django
py33-django
py34-django
py35-django
lt 1.8.16

py27-django18
py33-django18
py34-django18
py35-django18
lt 1.8.16

py27-django19
py33-django19
py34-django19
py35-django19
lt 1.9.11

py27-django110
py33-django110
py34-django110
py35-django110
lt 1.10.3

https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
CVE-2016-9013
CVE-2016-9014
dc880d6c-195d-11e7-8c63-0800277dcc69django -- multiple vulnerabilities

Django team reports:

These release addresses two security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

  • Open redirect and possible XSS attack via user-supplied numeric redirect URLs
  • Open redirect vulnerability in django.views.static.serve()

Discovery 2017-04-04
Entry 2017-04-04
py27-django
py33-django
py34-django
py35-django
py36-django
lt 1.8.18

py27-django18
py33-django18
py34-django18
py35-django18
py36-django18
lt 1.8.18

py27-django19
py33-django19
py34-django19
py35-django19
py36-django19
lt 1.9.13

py27-django110
py33-django110
py34-django110
py35-django110
py36-django110
lt 1.10.7

https://www.djangoproject.com/weblog/2017/apr/04/security-releases/
CVE-2017-7233
CVE-2017-7234