django

• Author: kikadf
• Vulnerable: 1.5.2-1
• Unaffected: 1.5.2-2arcturus1

Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse() function. Paul McMillan discovered that Django incorrectly cached certain pages that contained CSRF cookies. Michael Koziarski discovered that Django did not always perform explicit conversion of certain fields when using a MySQL database.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474