python-django 1.6.6-1ubuntu2.2 source package in Ubuntu

Changelog

python-django (1.6.6-1ubuntu2.2) utopic-security; urgency=medium

  * SECURITY UPDATE: denial-of-service possibility with strip_tags
    - debian/patches/CVE-2015-2316.patch: fix infinite loop possibility
      in django/utils/html.py, added test to
      tests/utils_tests/test_html.py.
    - CVE-2015-2316
  * SECURITY UPDATE: XSS attack via user-supplied redirect URLs
    - debian/patches/CVE-2015-2317.patch: reject URLs that start with
      control characters in django/utils/http.py, added test to
      tests/utils_tests/test_http.py.
    - CVE-2015-2317
 -- Marc Deslauriers <email address hidden>   Fri, 20 Mar 2015 10:22:16 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2015-03-20
Uploaded to:
Utopic
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Utopic: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
python-django_1.6.6.orig.tar.gz 6.3 MiB 536cbd54e533ba3563d205f0c91988b24e7d74b8b253d7825e42214b50ba7e90
python-django_1.6.6-1ubuntu2.2.debian.tar.xz 27.2 KiB 121fd470aea2d7135a336a7f8a13544e86794c2b26295974f0dce9bd679fbbd4
python-django_1.6.6-1ubuntu2.2.dsc 2.5 KiB b8731b90a499686940be0f0d05be9a3d3db59d6b49d6c2d8276a38b3585bc56d

View changes file

Binary packages built by this source

python-django: No summary available for python-django in ubuntu utopic.

No description available for python-django in ubuntu utopic.

python-django-common: No summary available for python-django-common in ubuntu utopic.

No description available for python-django-common in ubuntu utopic.

python-django-doc: No summary available for python-django-doc in ubuntu utopic.

No description available for python-django-doc in ubuntu utopic.

python3-django: No summary available for python3-django in ubuntu utopic.

No description available for python3-django in ubuntu utopic.