Publishing details
-
Published
-
Copied from
ubuntu precise in
Private PPA for Ubuntu Security Team
by Marc Deslauriers
Changelog
python-django (1.3.1-4ubuntu1.23) precise-security; urgency=medium
* SECURITY UPDATE: Open redirect and possible XSS attack via
user-supplied numeric redirect URLs
- debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
URLs in django/utils/http.py, added tests to
tests/regressiontests/utils/http.py.
- CVE-2017-7233
* SECURITY UPDATE: Open redirect vulnerability in
django.views.static.serve()
- debian/patches/CVE-2017-7234.patch: remove redirect from
django/views/static.py.
- CVE-2017-7234
-- Marc Deslauriers <email address hidden> Wed, 29 Mar 2017 07:49:05 -0400
Builds
Built packages
-
python-django
High-level Python web development framework
-
python-django-doc
High-level Python web development framework (documentation)
Package files