Debian Security Advisory DSA 2163-2 (dajaxice) Network Vulnerability

Summary

The remote host is missing an update to dajaxice announced via advisory DSA 2163-2.

Solution

For the stable distribution (squeeze), this problem has been fixed in version 0.1.5-1squeeze1. For the testing (wheezy) and unstable distribution (sid), this problem has been fixed in version 0.1.8.1-1. We recommend that you upgrade your dajaxice packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202163-2

Insight

The changes in python-django DSA-2163 necessary to fix the issues CVE-2011-0696 and CVE-2011-0697 introduced an unavoidable backward incompatibility, which caused a regression in dajaxice, which depends on python-django. This update supplies fixed packages for dajaxice.

Severity

Classification

CVE CVE-2011-0696, CVE-2011-0697

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 114-1 (gnujsp)
Debian Security Advisory DSA 1154-1 (squirrelmail)
Debian Security Advisory DSA 1076-1 (lynx)
Debian Security Advisory DSA 1116-1 (gimp)
Debian Security Advisory DSA 1032-1 (zope-cmfplone)

Take action and discover your vulnerabilities