Vulnerability Bulletins |
DSA-3230 django-markupfield - security update |
|
System information |
|
| Affected software | Debian |
Description |
|
|
James P. Turk discovered that the ReST renderer in django-markupfield,a custom Django field for easy use of markup in text fields, didntdisable the ..raw directive, allowing remote attackers to includearbitrary files. More info: https://www.debian.org/security/2015/dsa-3230 |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2015-0846 and DSA-3230. |
Version history |
||
| Version | Comments | Date |
| 1.0 | Advisory issued | 2015-04-22 |