python-django 2:3.2~alpha1-2 source package in Debian
Changelog
python-django (2:3.2~alpha1-2) experimental; urgency=medium
* Apply security fix from upstream:
- CVE-2021-23336: Prevent a web cache poisoning attack via "parameter
cloaking". Django contains a copy of urllib.parse.parse_qsl() which was
added to backport some security fixes. A further security fix has been
issued recently such that parse_qsl() no longer allows using ";" as a
query parameter separator by default. (Closes: #983090)
<https://www.djangoproject.com/weblog/2021/feb/19/security-releases/>
-- Chris Lamb <email address hidden> Fri, 19 Feb 2021 09:28:42 +0000
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Experimental
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_3.2~alpha1-2.dsc | 2.7 KiB | c32f5b7a3d861aca6e935ecc02a2db0497e8fd0fa9b12c1c8d43e853edb80aec |
| python-django_3.2~alpha1.orig.tar.gz | 8.9 MiB | f6b99ef95aa0c5bf51ef0e469f19c21486966c9dce5b2ab5037763dc89a127f0 |
| python-django_3.2~alpha1-2.debian.tar.xz | 27.7 KiB | 7158eefe5367bf170904493f91acdd37866dbd3745e12486c49241d0ece45899 |
No changes file available.
