Canonical Plugs Django Security Exploit in Multiple Ubuntu OSes

In order to repair the problem, users just have to update the operating system

Canonical published details in a security notice about a Django vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, and Ubuntu 10.04 LTS operating systems.

According to Canonical, Django could be made to expose sensitive information over the network.

Django did not properly filter the Host HTTP header when processing certain requests. An attacker could have exploited this security problem in order to generate and display arbitrary URLs to users.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest python-django packages, specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.

Hot right now  ·  Latest news