python-django 1.2.5-1ubuntu1.1 source package in Ubuntu

Changelog

python-django (1.2.5-1ubuntu1.1) natty-security; urgency=low

  * SECURITY UPDATE: session manipulation when using django.contrib.sessions
    with memory-based sessions and caching
    - debian/patches/CVE-2011-4136.patch: use namespace of cache to store keys
      for session instead of root namespace
    - CVE-2011-4136
  * SECURITY UPDATE: potential denial of service and information disclosure in
    URLField
    - debian/patches/CVE-2011-4137+4138.patch: set verify_exists to False by
      default and use a timeout if available.
    - CVE-2011-4137, CVE-2011-4138
  * SECURITY UPDATE: potential cache-poisoning via crafted Host header
    - debian/patches/CVE-2011-4139.patch: ignore X-Forwarded-Host header by
      default when constructing full URLs
    - CVE-2011-4139
  * More information on these issues can be found at:
    https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
 -- Jamie Strandboge <email address hidden>   Wed, 07 Dec 2011 15:28:04 -0600

Upload details

Uploaded by:
Jamie Strandboge on 2011-12-08
Uploaded to:
Natty
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Natty: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
python-django_1.2.5.orig.tar.gz 6.1 MiB 649387248296386b589c4a8bf91d34590b43f93b6ebfe6cefbea0ddf4641ccd6
python-django_1.2.5-1ubuntu1.1.debian.tar.gz 21.4 KiB fec6db8ca32fd76e37e292567cf1db7d5ca8fff73a4f76a4af80180247e74893
python-django_1.2.5-1ubuntu1.1.dsc 2.2 KiB a410f9d5497a2b69bf9e635d15e9ec234970763ca4b919dd4ee1e72ad95c0abb

View changes file

Binary packages built by this source

python-django: No summary available for python-django in ubuntu natty.

No description available for python-django in ubuntu natty.

python-django-doc: No summary available for python-django-doc in ubuntu natty.

No description available for python-django-doc in ubuntu natty.