Add fixed version for python-django CVE-2007-5828 and update note.

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46147 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Scott Kitterman <kitterman@debian.org> 2016-11-13 00:41:39 +0000
committer: Scott Kitterman <kitterman@debian.org> 2016-11-13 00:41:39 +0000
commit: 2a4b98ac695c2506fc4692faa31e69363729674e (patch)
tree: 61035ddc60fbacea6ed9814e2ffecc0f2fc2d329 /data/CVE/2007.list
parent: 09102a0b65f66446d0816a24700fa56b3d589035 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 9c3547d2cf..64dd68b103 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -2240,9 +2240,10 @@ CVE-2007-5830 (Unspecified vulnerability in the administrative interface in Avay
 CVE-2007-5829 (The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and ...)
 	NOT-FOR-US: Symantec AntiVirus
 CVE-2007-5828 (** DISPUTED ** ...)
-	- python-django <unfixed> (unimportant)
+	- python-django 1.2.1 (unimportant)
 	NOTE: this is documented in docs/csrf.txt included in the python-django package and
-	NOTE: there is a plugin enabling this feature. This is intended behaviour.
+	NOTE: there is a plugin enabling this feature. This is intended behaviour pre-1.2.
+        NOTE: https://docs.djangoproject.com/en/1.10/ref/csrf/#using-csrf
 CVE-2007-5827 (iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for ...)
 	{DTSA-106-1}
 	- iscsitarget 0.4.15-5 (bug #448873)
author	Scott Kitterman <kitterman@debian.org>	2016-11-13 00:41:39 +0000
committer	Scott Kitterman <kitterman@debian.org>	2016-11-13 00:41:39 +0000
commit	2a4b98ac695c2506fc4692faa31e69363729674e (patch)
tree	61035ddc60fbacea6ed9814e2ffecc0f2fc2d329 /data/CVE/2007.list
parent	09102a0b65f66446d0816a24700fa56b3d589035 (diff)