Bug 1090593 (CVE-2014-0474)
| Summary: | CVE-2014-0474 python-django: MySQL typecasting | | |
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | abaron, aortega, apevec, athomas, ayoung, bkabrda, bkearney, chrisw, gkotton, jdornak, katello-bugs, kseifried, lhh, markmc, mhroncok, michel, mrunge, rbryant, rhos-maint, sclewis, tjay, yeylon |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | django 1.4.11, django 1.5.6, django 1.6.3, django 1.7b2 | Doc Type: | Bug Fix |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2015-08-26 23:40:15 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 1027766, 1090687, 1090689 | | |
| Bug Blocks: | 1090594, 1129960 | | |

Description
Vincent Danen
2014-04-23 16:58:35 UTC
This has been addressed in Fedora 20 and EPEL6:

https://admin.fedoraproject.org/updates/Django14-1.4.11-1.el6
https://admin.fedoraproject.org/updates/python-django15-1.5.6-1.fc20
https://admin.fedoraproject.org/updates/python-django14-1.4.11-1.fc20
https://admin.fedoraproject.org/updates/python-django-1.6.3-1.fc20

Acknowledgements:

Red Hat would like to thank the upstream Django project for reporting this issue. Upstream acknowledges the Ruby on Rails team, and specifically Michael Koziarski, as the original reporters.

This issue has been addressed in following products:

OpenStack 3 for RHEL 6

Via RHSA-2014:0457 https://rhn.redhat.com/errata/RHSA-2014-0457.html

This issue has been addressed in following products:

OpenStack 4 for RHEL 6

Via RHSA-2014:0456 https://rhn.redhat.com/errata/RHSA-2014-0456.html