Source: python-django Version: 1.9.1-1 Severity: important Tags: security upstream fixed-upstream
Hi, the following vulnerability was published for python-django. CVE-2016-2048[0]: | User with "change" but not "add" permission can create objects for | ModelAdminâs with save_as=True If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-2048 [1] https://www.djangoproject.com/weblog/2016/feb/01/releases-192-and-189/ Regards, Salvatore
