Bug 1609031 (CVE-2018-14574)
Summary: | CVE-2018-14574 django: Open redirect possibility in CommonMiddleware | |
---|---|---|---
Product: | [Other] Security Response | Reporter: | Laura Pardo <lpardo>
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team>
Status: | CLOSED ERRATA | QA Contact: |
Severity: | medium | Docs Contact: |
Priority: | medium | |
Version: | unspecified | CC: | apevec, bbuckingham, bcourt, bkearney, cbillett, chrisw, jal233, jjoyce, jschluet, kbasil, lhh, lpeer, markmc, mburns, mhroncok, michel, mmccune, mrike, mrunge, ohadlevy, rbryant, rchan, rhos-maint, rjerrido, sclewis, security-response-team, sgallagh, sisharma, slinaber, srevivo, ssaha, tdecacqu, tomckay, vbellur
Target Milestone: | --- | Keywords: | Security
Target Release: | --- | |
Hardware: | All | |
OS: | Linux | |
Whiteboard: | | |
Fixed In Version: | Django 2.1, Django 2.0.8, Django 1.11.15 | Doc Type: | If docs needed, set a value
Doc Text: | When using the django.middleware.common.CommonMiddleware class with the APPEND_SLASH setting enabled, Django projects which accept paths ending in a slash may be vulnerable to an unvalidated HTTP redirect. | |
Story Points: | --- | |
Clone Of: | | Environment: |
Last Closed: | 2019-06-10 10:34:22 UTC | Type: | ---
Regression: | --- | Mount Type: | ---
Documentation: | --- | CRM: |
Verified Versions: | | Category: | ---
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: |
Cloudforms Team: | --- | Target Upstream Version: |
Embargoed: | | |
Bug Depends On: | 1611051, 1611050, 1611052, 1612125, 1617844, 1617846, 1617847, 1617849, 1617851, 1617853, 1617855, 1617857, 1635700, 1635701, 1642590 | |
Bug Blocks: | 1609035 | |
Description
Laura Pardo
2018-07-26 18:58:57 UTC
External Reference: https://www.djangoproject.com/weblog/2018/aug/01/security-releases/

Upstream Patches:
https://github.com/django/django/commit/a656a681272f8f3734b6eb38e9a88aa0d91806f1
https://github.com/django/django/commit/c4e5ff7fdb5fce447675e90291fd33fddd052b3c
https://github.com/django/django/commit/6fffc3c6d420e44f4029d5643f38d00a39b08525
https://github.com/django/django/commit/d6eaee092709aad477a9894598496c6deec532ff

Created python-django tracking bugs for this issue:
Affects: epel-7 [bug 1611050]
Affects: fedora-all [bug 1611052]

Created python-django16 tracking bugs for this issue:
Affects: epel-7 [bug 1611051]

Note that there is also: https://src.fedoraproject.org/rpms/python2-django1.11
And: https://src.fedoraproject.org/rpms/python-django/branch/1.6 (1.6 modular build of Django for Fedora)

This issue has been addressed in the following products:
Red Hat Gluster Storage 3.4 for RHEL 7
Via RHSA-2019:0265 https://access.redhat.com/errata/RHSA-2019:0265

Statement:
This issue did not affect the versions of python-django as shipped with Red Hat Update Infrastructure 3 as the vulnerable code was introduced in a newer version of the package.

Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.

Although Red Hat Satellite 6 contains the vulnerable component, it is not affected by this flaw since the condition to exploit the vulnerability cannot be satisfied.

In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-django package.
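The Doc Text field describes the weakness only in outline: with APPEND_SLASH enabled, CommonMiddleware builds the redirect target from the request path, and a path that begins with two slashes is read by browsers as a scheme-relative URL pointing at another host. The following is an added example written for this page, not Django's code and not taken from the linked commits; it re-implements the "escape the second leading slash" idea of the upstream fix in a stand-alone function, puts the pre-fix and hardened target computations side by side, and includes a small check that a defender can run over Location values to see whether a redirect would leave the origin. The host name attacker.example and the request paths are constructed sample inputs.

```python
"""Added example (not Django's own code) for CVE-2018-14574.

A Location header that starts with "//" is a protocol-relative URL, so a
redirect to the path "//attacker.example/" sends the browser off-site.
The upstream fix escapes the second slash so the target stays a path on
the same origin; escape_leading_slashes() below re-implements that idea.
"""
from urllib.parse import urlsplit


def naive_append_slash_target(path: str, query: str = "") -> str:
    """Pre-fix behaviour, constructed for illustration: redirect to the
    request path with a trailing slash appended, with no validation."""
    target = path if path.endswith("/") else path + "/"
    return target + ("?" + query if query else "")


def escape_leading_slashes(url: str) -> str:
    """Escape the second of two leading slashes so the value can no longer
    be parsed as a scheme-relative URL. Same idea as the upstream fix, but
    this is an added re-implementation, not Django's function."""
    if url.startswith("//"):
        return "/%2F" + url[2:]
    return url


def hardened_append_slash_target(path: str, query: str = "") -> str:
    """Post-fix behaviour: compute the target, then neutralise a leading '//'."""
    return escape_leading_slashes(naive_append_slash_target(path, query))


def redirect_leaves_origin(location: str) -> bool:
    """Defender's check: True if a browser would resolve `location` against
    a different host, i.e. it carries its own scheme or network location.
    Usable over Location header values pulled from access logs or proxies."""
    parts = urlsplit(location)
    return bool(parts.scheme or parts.netloc)


if __name__ == "__main__":
    # Constructed request paths: a normal one and a double-slash one.
    for path in ("/account", "//attacker.example"):
        before = naive_append_slash_target(path)
        after = hardened_append_slash_target(path)
        print(f"{path!r}: naive={before!r} off-site={redirect_leaves_origin(before)} "
              f"hardened={after!r} off-site={redirect_leaves_origin(after)}")
```

The hardened target for a double-slash path becomes `/%2Fattacker.example/`, which `urlsplit` (and a browser) treats as an ordinary same-origin path; ordinary paths and their query strings pass through unchanged. The `redirect_leaves_origin` check is the piece worth reusing: run it over observed 301 Location values to confirm that no redirect issued by the application resolves to a foreign host.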