SUSE Package Hub - openSUSE-2018-884

Update Info

openSUSE-2018-884

Security update for python-Django1

Type: security

Severity: important

Issued: 2018-08-16

Description:

This update for python-Django1 to version 1.11.15 fixes the following issues:

The following security vulnerability was fixed:

- CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware (boo#1102680)

The following other bugs were fixed:

- Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS 3.6.1+
- Fixed a regression where altering a field with a unique constraint may drop
  and rebuild more foreign keys than necessary
- Fixed crashes in django.contrib.admindocs when a view is a callable object,
  such as django.contrib.syndication.views.Feed
- Fixed a regression where QuerySet.values() or values_list() after combining
  an annotated and unannotated queryset with union(), difference(), or
  intersection() crashed due to mismatching columns

This update was imported from the openSUSE:Leap:15.0:Update update project.

References

CVE: CVE-2018-14574
Bugzilla: 1102680 https://bugzilla.opensuse.org/show_bug.cgi?id=1102680

Packages

python-Django1-1.11.15-bp150.3.3.1