SUSE-SU-2015:1815-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2015/suse-su-20151815-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1815-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2015:1815-1

Upstream

CVE-2015-5143

CVE-2015-5144

CVE-2015-5963

Related

Published

2015-10-15T02:36:44Z

Modified

2025-05-08T17:01:17.887539Z

Summary

Security update for python-Django

Details

This update for python-Django fixes the following security issues:

Prevent Denial-of-service possibility by filling session store. (bsc#937522, CVE-2015-5143)
Prevent Header injection possibility. (bsc#937523, CVE-2015-5144)
A remote denial of service (resource exhaustion) attack against the django session store was fixed in Python Django. This might have allowed remote attackers to exhaust existing web sessions. (bsc#941587, CVE-2015-5963)

References

Affected packages

SUSE:Enterprise Storage 1.0 / python-Django

Package

Name: python-Django
Purl: pkg:rpm/suse/python-Django&distro=SUSE%20Enterprise%20Storage%201.0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.11-8.1

Ecosystem specific

{
    "binaries": [
        {
            "python-Django": "1.6.11-8.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1815-1.json"