Django security releases issued: 1.10.3, 1.9.11 and 1.8.16

NCAR / ncharts

EOL data visualization application

BSD 2-Clause "Simplified" License

1 stars 0 forks source link

Django security releases issued: 1.10.3, 1.9.11 and 1.8.16 #22

Closed erikj closed 3 years ago

erikj commented 7 years ago

I don't think that these affect ncharts running in production

https://www.djangoproject.com/weblog/2016/nov/01/security-releases/

CVE-2016-9013: User with hardcoded password created when running tests on Oracle

CVE-2016-9014: DNS rebinding vulnerability when DEBUG=True

Security Advisory: Social media fingerprinting

maclean commented 7 years ago

Aug 3, 2017: upgraded to python 3.4.5 and django 1.11.4 on datavis-dev and datavis. Added notes on how to do it in the README-devel.md and README-prod-md.

python3 --version Python 3.4.5

./manage.py version 1.11.4