openSUSE Security Update : python-Django1 (openSUSE-2018-875)
Medium Nessus Plugin ID 111810
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for python-Django1 to version 1.11.15 fixes the following issues :
The following security vulnerability was fixed :
- CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware (boo#1102680)
The following other bugs were fixed :
- Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS 3.6.1+
- Fixed a regression where altering a field with a unique constraint may drop and rebuild more foreign keys than necessary
- Fixed crashes in django.contrib.admindocs when a view is a callable object, such as django.contrib.syndication.views.Feed
- Fixed a regression where QuerySet.values() or values_list() after combining an annotated and unannotated queryset with union(), difference(), or intersection() crashed due to mismatching columns
SolutionUpdate the affected python-Django1 package.