Wednesday, September 11, 2013

Security fix for Django, new versions 1.4.7 and 1.5.3 released

Django project has just released new versions of Django. These releases address a directory-traversal vulnerability in one of Django's built-in template tags. While this issue requires some fairly specific factors to be exploitable, Django project encourages all users of Django to upgrade promptly.

We have released BitNami Django 1.4.7 and 1.5.3 installers, virtual machines and Amazon EC2 and Windows Azure cloud images that fix this issue.

BitNami Django stacks also ship the recently released PostgreSQL database version 9.3.0 and PostGIS 2.1.0.

If you have already installed a previous version of these applications please make sure that you update your environment or apply the appropriate patches.