Fedora 13 : Django-1.2.4-1.fc13 (2011-0096)

This script is Copyright (C) 2011-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- Mon Jan 3 2011 Steve 'Ashcrow' Milner <me at
stevemilner.org> - 1.2.4-1

- Update for multiple security issues (see
http://www.djangoproject.com/weblog/2010/dec/22/securi
ty/)

- Sat Oct 9 2010 Steve 'Ashcrow' Milner <me at
stevemilner.org> - 1.2.3-3

- Now build docs for F12+

- Added Django-remove-djangodocs-ext.patch

- Sat Oct 9 2010 Steve 'Ashcrow' Milner <me at
stevemilner.org> - 1.2.3-2

- Moved to dirhtml for documentation generation

- Mon Sep 13 2010 Steve 'Ashcrow' Milner <me at
stevemilner.org> - 1.2.3-1

- Update for
http://www.djangoproject.com/weblog/2010/sep/10/123/

- Thu Sep 9 2010 Steve 'Ashcrow' Milner <me at
stevemilner.org> - 1.2.2-1

- Update for CVE-2010-3082 (see
http://www.djangoproject.com/weblog/2010/sep/08/securi
ty-release/)

- Removed Django-hash-compat-13310.patch as it is
already included in this release

- Wed Jul 21 2010 David Malcolm <dmalcolm at redhat.com>
- 1.2.1-6

- Rebuilt for
https://fedoraproject.org/wiki/Features/Python_2.7/Mas
sRebuild

- Tue Jun 8 2010 Steve 'Ashcrow' Milner <stevem at
gnulinux.net> - 1.2.1-5

- Added
http://code.djangoproject.com/changeset/13310?format=d
iff&new=13310 per BZ#601212

- Thu Jun 3 2010 Steve 'Ashcrow' Milner <stevem at
gnulinux.net> - 1.2.1-4

- Include egg in >= rhel6

- Thu Jun 3 2010 Michel Salim <salimma at
fedoraproject.org> - 1.2.1-3

- Use generated %{name}.lang instead of including each
locale file by hand

- Temporarily make main package provide -doc on Rawhide,
to fix upgrade path until upstream documentation
builds with Sphinx 1.0

- Thu May 27 2010 Steve 'Ashcrow' Milner <stevem at
gnulinux.net> - 1.2.1-2

- Allow for building docs in F13 as it's only F14
freaking out

- Tue May 25 2010 Steve 'Ashcrow' Milner <stevem at
gnulinux.net> - 1.2.1-1

- Update for new release.

- Added lang files per BZ#584866.

- Changed perms on
%{python_sitelib}/django/contrib/admin/media/js/compre
ss.py

- Lots of explicit files listed in %files in order to
reduce duplicate file listings

- Docs are not built on F-13 for now

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://code.djangoproject.com/changeset/13310?format=diff&new=13310
http://www.djangoproject.com/weblog/2010/dec/22/security/
http://www.djangoproject.com/weblog/2010/sep/08/security-release/
http://www.djangoproject.com/weblog/2010/sep/10/123/
https://bugzilla.redhat.com/show_bug.cgi?id=665373
https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
http://www.nessus.org/u?f21a156f

Solution :

Update the affected Django package.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)

Family: Fedora Local Security Checks

Nessus Plugin ID: 51512 ()

Bugtraq ID:

CVE ID: CVE-2010-4534
CVE-2010-4535

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now