{"affected":[],"aliases":[],"details":"\npython-django was updated to 1.5.10 fixing bugs and security issues:\n\n    * Prevented reverse() from generating URLs pointing to other hosts to\n      prevent phishing attacks. (bnc#893087, CVE-2014-0480)\n    * Removed O(n) algorithm when uploading duplicate file names to fix\n      file upload denial of service. (bnc#893088, CVE-2014-0481)\n    * Modified RemoteUserMiddleware to logout on REMOTE_USE change to\n      prevent session hijacking. (bnc#893089, CVE-2014-0482)\n    * Prevented data leakage in contrib.admin via query string\n      manipulation. (bnc#893090, CVE-2014-0483)\n\nSecurity Issues:\n\n    * CVE-2014-0480\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480>\n    * CVE-2014-0481\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481>\n    * CVE-2014-0482\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482>\n    * CVE-2014-0483\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483>\n\n","id":"SUSE-SU-2015:0563-1","modified":"2014-09-03T15:51:02Z","published":"2014-09-03T15:51:02Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150563-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/893087"},{"type":"REPORT","url":"https://bugzilla.suse.com/893088"},{"type":"REPORT","url":"https://bugzilla.suse.com/893089"},{"type":"REPORT","url":"https://bugzilla.suse.com/893090"},{"type":"REPORT","url":"https://bugzilla.suse.com/913053"},{"type":"REPORT","url":"https://bugzilla.suse.com/913054"},{"type":"REPORT","url":"https://bugzilla.suse.com/913055"},{"type":"REPORT","url":"https://bugzilla.suse.com/913056"},{"type":"REPORT","url":"https://bugzilla.suse.com/914706"},{"type":"REPORT","url":"https://bugzilla.suse.com/923176"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0480"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0481"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0482"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0483"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0219"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0220"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0221"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0222"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-2316"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-2317"}],"related":["CVE-2014-0480","CVE-2014-0481","CVE-2014-0482","CVE-2014-0483","CVE-2015-0219","CVE-2015-0220","CVE-2015-0221","CVE-2015-0222","CVE-2015-2316","CVE-2015-2317"],"summary":"Security update for python-django","upstream":["CVE-2014-0480","CVE-2014-0481","CVE-2014-0482","CVE-2014-0483","CVE-2015-0219","CVE-2015-0220","CVE-2015-0221","CVE-2015-0222","CVE-2015-2316","CVE-2015-2317"]}