openSUSE: 2018:2809-1: important: python-Django1
Description
This update for python-Django1 to version 1.11.15 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an open redirect possibility in CommonMiddleware (boo#1102680) The following other bugs were fixed: - Fixed WKBWriter.write() and write_hex() for empty polygons on GEOS 3.6.1+ - Fixed a regression where altering a field with a unique constraint may drop and rebuild more foreign keys than necessary - Fixed crashes in django.contrib.admindocs when a view is a callable object, such as django.contrib.syndication.views.Feed - Fixed a regression where QuerySet.values() or values_list() after combining an annotated and unannotated queryset with union(), difference(), or intersection() crashed due to mismatching columns This update was imported from the openSUSE:Leap:15.0:Update update project.
Patch
Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2018-884=1
Package List
- openSUSE Backports SLE-15 (noarch): python2-Django1-1.11.15-bp150.3.3.1
References
https://www.suse.com/security/cve/CVE-2018-14574.html https://bugzilla.suse.com/1102680--