python-django 2:3.2~alpha1-2 source package in Debian
Changelog
python-django (2:3.2~alpha1-2) experimental; urgency=medium * Apply security fix from upstream: - CVE-2021-23336: Prevent a web cache poisoning attack via "parameter cloaking". Django contains a copy of urllib.parse.parse_qsl() which was added to backport some security fixes. A further security fix has been issued recently such that parse_qsl() no longer allows using ";" as a query parameter separator by default. (Closes: #983090) <https://www.djangoproject.com/weblog/2021/feb/19/security-releases/> -- Chris Lamb <email address hidden> Fri, 19 Feb 2021 09:28:42 +0000
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Experimental
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-django_3.2~alpha1-2.dsc | 2.7 KiB | c32f5b7a3d861aca6e935ecc02a2db0497e8fd0fa9b12c1c8d43e853edb80aec |
python-django_3.2~alpha1.orig.tar.gz | 8.9 MiB | f6b99ef95aa0c5bf51ef0e469f19c21486966c9dce5b2ab5037763dc89a127f0 |
python-django_3.2~alpha1-2.debian.tar.xz | 27.7 KiB | 7158eefe5367bf170904493f91acdd37866dbd3745e12486c49241d0ece45899 |
No changes file available.