Bug 238910

Summary: www/py-django21: Update to 2.1.10 (Fixes security vulnerability)
Product: Ports & Packages Reporter: Kubilay Kocak <koobs>
Component: Individual Port(s)Assignee: Wen Heping <wen>
Status: Closed FIXED    
Severity: Affects Many People CC: ports-secteam, w.schwarzenfeld, wen
Priority: Normal Keywords: security
Version: LatestFlags: koobs: maintainer-feedback+
koobs: merge-quarterly+
Hardware: Any   
OS: Any   
URL: https://docs.djangoproject.com/en/2.2/releases/2.1.10/
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238911

Description Kubilay Kocak freebsd_committer freebsd_triage 2019-07-01 09:57:06 UTC 
2.1.10 fixes:

CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS
Comment 1 Walter Schwarzenfeld 2019-07-01 14:11:42 UTC 
See r505572.
Comment 2 Walter Schwarzenfeld 2019-07-01 14:12:34 UTC 
Korr. ports r505572.
Comment 3 commit-hook freebsd_committer freebsd_triage 2019-07-01 14:39:47 UTC 
A commit references this bug:

Author: wen
Date: Mon Jul  1 14:39:36 UTC 2019
New revision: 505575
URL: https://svnweb.freebsd.org/changeset/ports/505575

Log:
  - Document Django vulnerabilities.

  PR:		238911, 238910
  Submitted by:	koobs@

Changes:
  head/security/vuxml/vuln.xml
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2019-07-07 07:26:28 UTC 
Assign to committer that resolved