Mandriva Update For Python-django MDVSA-2008:185 (python-django) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A cross-site request forgery vulnerability was discovered in Django that, if exploited, could be used to perform unrequested deletion or modification of data. Updated versions of Django will now discard posts from users whose sessions have expired, so data will need to be re-entered in these cases. The versions of Django shipping with Mandriva Linux have been updated to the latest patched versions that include the fix for this issue. In addition, they provide other bug fixes.

Affected

python-django on Mandriva Linux 2007.1, Mandriva Linux 2007.1/X86_64, Mandriva Linux 2008.0, Mandriva Linux 2008.0/X86_64, Mandriva Linux 2008.1, Mandriva Linux 2008.1/X86_64

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:161-1 (squid)
Mandrake Security Advisory MDVSA-2009:039 (gedit)
Mandrake Security Advisory MDVSA-2009:114 (ipsec-tools)
Mandrake Security Advisory MDVSA-2009:079 (postgresql)
Mandrake Security Advisory MDVSA-2009:174 (perl-Compress-Raw-Zlib)

Mandriva Update for python-django MDVSA-2008:185 (python-django)

Take action and discover your vulnerabilities