Django: Urgent Security Updates Released | Jonathan@BluMarble

HOME

rss feed

2009
10.11

Django: Urgent Security Updates Released

Category: Django / Tag: Django, Security / Add Comment

Just noticed an urgent security update available on the django website. The django team’s description of the vulnerability:

Django’s forms library included field types which perform regular-expression-based validation of email addresses and URLs. Certain addresses/URLs could trigger a pathological performance case in this regular expression, resulting in the server process/thread becoming unresponsive, and consuming excessive CPU over an extended period of time. If deliberately triggered, this could result in an effective denial-of-service attack.

If you using django 1.0 or 1.1, its advisable to install it. Visit http://www.djangoproject.com/weblog/2009/oct/09/security/ for more information and patch downloads.

Related Posts:

No Comment.

Add Your Comment

Your Comment

Recent Activity

October 2009

S M T W T F S

« Sep Nov »

1 2 3

4 5 6 7 8 9 10

11 12 13 14 15 16 17

18 19 20 21 22 23 24

25 26 27 28 29 30 31
Archives
Twitter Posts
- Costs you more to call a mobile number in #southafrica on #skype as it does from a #telkom land line or mobile to mobile. WTF #fail 23 hours ago
- @charlieb27 what operating system do you use, might be a good idea to get a Twitter Client. 2010/03/10
- Microsoft sent flowers to IE6 funeral http://bit.ly/aIiNib. LOL, Nice! 2010/03/10
- @believerider working prefectly :) 2010/03/09
- Corporates need to learn how to use twitter properly, instead of spamming their followers!!! 2010/03/08
My Links
- Follow Me On Twitter
- Me On DjangoPeople
Python Programming
Web Development
- jQuery.com