python-django 1.1.1-1ubuntu1.1 source package in Ubuntu
Changelog
python-django (1.1.1-1ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: information leak in admin interface
- debian/patches/21_security_admin_infoleak.diff: validate querystring
lookup arguments either specify only fields on the model being viewed,
or cross relations which have been explicitly whitelisted.
- CVE-2010-4534
* SECURITY UPDATE:
- debian/patches/22_security_pasword_reset_dos.diff: adjust
base36_to_int() function in django.utils.http will now validate the
length of its input; on input longer than 13 digits (sufficient to
base36-encode any 64-bit integer), it will now raise ValueError.
Additionally, the default URL patterns for django.contrib.auth will now
enforce a maximum length on the relevant parameters.
- CVE-2010-4535
* add patch from Lucid to fix FTBFS in November by applying patch from
upstream bug #12125
- debian/patches/23_ftbfs_in_november.diff
-- Jamie Strandboge <email address hidden> Mon, 03 Jan 2011 11:36:34 -0600
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Karmic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_1.1.1.orig.tar.gz | 5.4 MiB | d65b18319496fc4923b37fdb736e5ba1a90a3a18e2d7eaac7f3ad30738d1f6e4 |
| python-django_1.1.1-1ubuntu1.1.diff.gz | 20.1 KiB | 56aba3a14b329893ed54ee288f6913daf31c69e68045b517a767b02458a79cc5 |
| python-django_1.1.1-1ubuntu1.1.dsc | 2.2 KiB | 5f476d3e1d959fae6593feabfa5b39a8e45d7ab51849fe90ae25cceb2c8e05bc |
Available diffs
Binary packages built by this source
- python-django: No summary available for python-django in ubuntu karmic.
No description available for python-django in ubuntu karmic.
- python-django-doc: No summary available for python-django-doc in ubuntu karmic.
No description available for python-django-doc in ubuntu karmic.
