238910 – www/py-django21: Update to 2.1.10 (Fixes security vulnerability)

Bug 238910 - www/py-django21: Update to 2.1.10 (Fixes security vulnerability)

Summary: www/py-django21: Update to 2.1.10 (Fixes security vulnerability)

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Many People
Assignee:	Wen Heping

URL:	https://docs.djangoproject.com/en/2.2...
Keywords:	security

Depends on:
Blocks:

Reported:	2019-07-01 09:57 UTC by Kubilay Kocak
Modified:	2019-07-07 07:26 UTC (History)
CC List:	3 users (show)

See Also:	238911

Flags:	koobs: maintainer-feedback+ koobs: merge-quarterly+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kubilay Kocak freebsd_committer

2019-07-01 09:57:06 UTC

2.1.10 fixes:

CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS

Comment 1 Walter Schwarzenfeld 2019-07-01 14:11:42 UTC

See r505572.

Comment 2 Walter Schwarzenfeld 2019-07-01 14:12:34 UTC

Korr. ports r505572.

Comment 3 commit-hook freebsd_committer

2019-07-01 14:39:47 UTC

A commit references this bug:

Author: wen
Date: Mon Jul  1 14:39:36 UTC 2019
New revision: 505575
URL: https://svnweb.freebsd.org/changeset/ports/505575

Log:
  - Document Django vulnerabilities.

  PR:		238911, 238910
  Submitted by:	koobs@

Changes:
  head/security/vuxml/vuln.xml

Comment 4 Kubilay Kocak freebsd_committer

2019-07-07 07:26:28 UTC

Assign to committer that resolved