MGASA-2012-0219
| Date: | August 18th, 2012 |
| Affected releases: | 1, 2 |
Description:
Updated python-django package fixes security vulnerabilities:
The (1) django.http.HttpResponseRedirect and (2)
django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2
and 1.4.x before 1.4.1 do not validate the scheme of a redirect target,
which might allow remote attackers to conduct cross-site scripting (XSS)
attacks via a data: URL (CVE-2012-3442).
The django.forms.ImageField class in the form system in Django before
1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during
image validation, which allows remote attackers to cause a denial of
service (memory consumption) by uploading an image file (CVE-2012-3443).
The get_image_dimensions function in the image-handling functionality in
Django before 1.3.2 and 1.4.x before 1.4.1 uses a constant chunk size in
all attempts to determine dimensions, which allows remote attackers to
cause a denial of service (process or thread consumption) via a large
TIFF image (CVE-2012-3444).
Updated Packages:
Mageia 1:
python-django-1.3.3-1.mga1
Mageia 2:
python-django-1.3.3-2.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3442
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3443
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3444
http://lists.opensuse.org/opensuse-updates/2012-08/msg00014.html
https://bugs.mageia.org/show_bug.cgi?id=6986
