FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

django -- denial-of-service via large passwords

Affected packages
1.5 <= py26-django < 1.5.4
1.4 <= py26-django < 1.4.8
1.5 <= py27-django < 1.5.4
1.4 <= py27-django < 1.4.8
py26-django-devel < 20130922,1
py27-django-devel < 20130922,1

Details

VuXML ID 05dc6efa-2370-11e3-95b7-00e0814cab4e
Discovery 2013-09-15
Entry 2013-09-22
Modified 2013-09-30

The Django project reports:

These releases address a denial-of-service attack against Django's authentication framework. All users of Django are encouraged to upgrade immediately.

References

CVE Name CVE-2013-1443
URL https://www.djangoproject.com/weblog/2013/sep/15/security/