Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 19 Apr 2015 12:35:19 -0400
From: Paul Tagliamonte <>
Subject: Remote file inclusion in django-markupfield

Hey folks,

An arbitrary file inclusion bug was discovered in django-markupfield.

A CVE was issued from Debian, CVE-2015-0846, but the commit is public in
the upstream repo, so this mail is to avoid deduplication of this issue.

Sorry about this mishandling,


#define sizeof(x) rand()

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.