-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : python-django Version : 1.4.22-1+deb7u1 CVE ID : CVE-2016-7401
It was discovered that there was a possible CSRF protection bypass on sites that use Google Analytics in python-django, a High-level Python web development framework. More information can be found in the upstream announcement: https://www.djangoproject.com/weblog/2016/sep/26/security-releases/ For Debian 7 "Wheezy", this issue has been fixed in python-django version 1.4.22-1+deb7u1. We recommend that you upgrade your python-django packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJX9sCkAAoJEB6VPifUMR5Y/NkP/3pn6GIrzDur8U8jMGEpsrCL Rx0iCzsPte80mRW7c5FQhqYtEFq5LKikjIoGeMeshUKck6vdXiI34TXhgvI8lvWi NBtqcfSZptPsNnsXg3FrTgQ90DkExmnETDovGkBL00aXSXX4SV2bWrW9hiXIrQjt URjr3mlp8Y18Liecmrcp7JAHIaO2G0YgUaoscIt/qDPPcw+grUYOyYk3IqpbMr88 HlgcSVlhTMCumSBKqF5/UdAq6N+orFN7exxmTquL/QridNrkP4nk9CAxuGcVed7P DkeKyqM1+8LKb+X4HU0gL72WQHLpFmpV8MqFwThRi1lQJ3Zrq5Y4Sdgjxdk7e1Am UVzs3m/iQ0G3h1jXfolT6lbA2WeJ9PCy4/RtiMYcjkAa/4AA9YqhLeAGsgZmFHPU KryM0bVqVrIwqFu9pq0BB2g8DCeD1E+Bee31PBAfvpT7mJyx1bQ2lCS95yhvQMXk yrfuWYelqBntC+XNN2dInILdsszv4621gEZJ1vo3zyhAJuanXRTowZRI2Ee2EkPu kGG6lXKOQ45e7Ka1ER34l/uBRI9QmciGyFe4hlCVxJSTjtIRrjkvbPZRAZR/1Jtz nPbJq1d13E8BegIBJi15oT5plFbPujXeifLO6JY8XyBjzvl1i0n6Rufbe1uw3rF6 uIUUTsL+0X6hiPVpcYUH =hBTW -----END PGP SIGNATURE-----