Debian 9844 Published by

A python-django-markupfield security update has been released for Debian 6 LTS



Package : python-django-markupfield
Version : 1.0.0a2-1+deb6u1
CVE ID : CVE-2015-0846

James P. Turk discovered that the ReST renderer in django-markupfield,
a custom Django field for easy use of markup in text fields, didn't
disable the ..raw directive, allowing remote attackers to include
arbitrary files.