python-django 1.1.1-2ubuntu1.4 source package in Ubuntu

Changelog

python-django (1.1.1-2ubuntu1.4) lucid-security; urgency=low

  * SECURITY UPDATE: session manipulation when using django.contrib.sessions
    with memory-based sessions and caching
    - debian/patches/CVE-2011-4136.patch: use namespace of cache to store keys
      for session instead of root namespace
    - CVE-2011-4136
  * SECURITY UPDATE: potential denial of service and information disclosure in
    URLField
    - debian/patches/CVE-2011-4137+4138.patch: set verify_exists to False by
      default and use a timeout if available.
    - CVE-2011-4137, CVE-2011-4138
  * SECURITY UPDATE: potential cache-poisoning via crafted Host header
    - debian/patches/CVE-2011-4139.patch: ignore X-Forwarded-Host header by
      default when constructing full URLs
    - CVE-2011-4139
  * More information on these issues can be found at:
    https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
 -- Jamie Strandboge <email address hidden>   Wed, 07 Dec 2011 16:02:57 -0600

Upload details

Uploaded by:
Jamie Strandboge on 2011-12-08
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Lucid: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
python-django_1.1.1.orig.tar.gz 5.4 MiB d65b18319496fc4923b37fdb736e5ba1a90a3a18e2d7eaac7f3ad30738d1f6e4
python-django_1.1.1-2ubuntu1.4.diff.gz 49.0 KiB 26f2a02f00de6879554d8cf7f09470719531771bc5c4ce5a04ef8fbc51ab30f5
python-django_1.1.1-2ubuntu1.4.dsc 2.2 KiB 46156f4761e5922c0165439d805613e9334064eb1a3f026750c344f2962e5356

View changes file

Binary packages built by this source

python-django: High-level Python web development framework

 Django is a high-level web application framework that loosely follows the
 model-view-controller design pattern.
 .
 Python's equivalent to Ruby on Rails, Django lets you build complex
 data-driven websites quickly and easily - Django focuses on automating as much
 as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
 .
 Django additionally emphasizes reusability and "pluggability" of components;
 many generic third-party "applications" are available to enhance projects or
 to simply to reduce development time even further.
 .
 Notable features include:
  * An object-relational mapper (ORM)
  * Automatic admin interface
  * Elegant URL dispatcher
  * Form serialization and validation system
  * Templating system
  * Lightweight, standalone web server for development and testing
  * Internationalization support
  * Testing framework and client

python-django-doc: High-level Python web development framework (documentation)

 Django is a high-level web application framework that loosely follows the
 model-view-controller design pattern.
 .
 Python's equivalent to Ruby on Rails, Django lets you build complex
 data-driven websites quickly and easily - Django focuses on automating as much
 as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
 .
 Django additionally emphasizes reusability and "pluggability" of components;
 many generic third-party "applications" are available to enhance projects or
 to simply to reduce development time even further.
 .
 This package contains the HTML documentation and example projects.