python-django 1.6.1-2ubuntu0.4 source package in Ubuntu
Changelog
python-django (1.6.1-2ubuntu0.4) trusty-security; urgency=medium * SECURITY UPDATE: incorrect url validation in core.urlresolvers.reverse - debian/patches/CVE-2014-0480.patch: prevent reverse() from generating URLs pointing to other hosts in django/core/urlresolvers.py, added tests to tests/urlpatterns_reverse/{tests,urls}.py. - CVE-2014-0480 * SECURITY UPDATE: denial of service via file upload handling - debian/patches/CVE-2014-0481.patch: remove O(n) algorithm in django/core/files/storage.py, updated docs in docs/howto/custom-file-storage.txt, docs/ref/files/storage.txt, added tests to tests/file_storage/tests.py, tests/files/tests.py. - CVE-2014-0481 * SECURITY UPDATE: web session hijack via REMOTE_USER header - debian/patches/CVE-2014-0482.patch: modified RemoteUserMiddleware to logout on REMOTE_USE change in django/contrib/auth/middleware.py, added test to django/contrib/auth/tests/test_remote_user.py. - CVE-2014-0482 * SECURITY UPDATE: data leak in contrib.admin via query string manipulation - debian/patches/CVE-2014-0483.patch: validate to_field in django/contrib/admin/{options,exceptions}.py, django/contrib/admin/views/main.py, added docs to docs/ref/exceptions.txt, added tests to tests/admin_views/tests.py. - debian/patches/CVE-2014-0483-bug23329.patch: regression fix in django/contrib/admin/options.py, added tests to tests/admin_views/{admin,models,tests}.py. - debian/patches/CVE-2014-0483-bug23431.patch: regression fix in django/contrib/admin/options.py, added tests to tests/admin_views/{admin,models,tests}.py. - CVE-2014-0483 -- Marc Deslauriers <email address hidden> Tue, 09 Sep 2014 13:37:23 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-django_1.6.1.orig.tar.gz | 6.3 MiB | cf011874f54a16e7452e0fe1e7f4ec144b95b47ecf31766c9f1f8cf438f09c06 |
python-django_1.6.1-2ubuntu0.4.debian.tar.gz | 39.9 KiB | 7218912f76331861540da2fb9ff5a43cb942c40bdab187246ef53904b58c54f3 |
python-django_1.6.1-2ubuntu0.4.dsc | 2.3 KiB | e81f989becb90a0b58a78d5c9665adb476aaa69c24de996c088bfcd2496806b1 |
Available diffs
Binary packages built by this source
- python-django: High-level Python web development framework
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
Notable features include:
* An object-relational mapper (ORM)
* Automatic admin interface
* Elegant URL dispatcher
* Form serialization and validation system
* Templating system
* Lightweight, standalone web server for development and testing
* Internationalization support
* Testing framework and client
- python-django-doc: High-level Python web development framework (documentation)
Django is a high-level web application framework that loosely follows the
model-view-controller design pattern.
.
Python's equivalent to Ruby on Rails, Django lets you build complex
data-driven websites quickly and easily - Django focuses on automating as much
as possible and adhering to the "Don't Repeat Yourself" (DRY) principle.
.
Django additionally emphasizes reusability and "pluggability" of components;
many generic third-party "applications" are available to enhance projects or
to simply to reduce development time even further.
.
This package contains the HTML documentation and example projects.