python-django 1.8.7-1ubuntu8.2 source package in Ubuntu

Changelog

python-django (1.8.7-1ubuntu8.2) yakkety-security; urgency=medium

  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

 -- Marc Deslauriers <email address hidden>  Wed, 29 Mar 2017 07:32:39 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2017-03-29
Uploaded to:
Yakkety
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Yakkety: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-django_1.8.7.orig.tar.gz 6.9 MiB 17a66de5cf59b5ee81c3dc57609b145bb45adddc0dc06937b998597d6e7b4523
python-django_1.8.7-1ubuntu8.2.debian.tar.xz 38.3 KiB f95d16b59475529f3e6ca25183a07c03da3df8de0341accc6f965edaea580191
python-django_1.8.7-1ubuntu8.2.dsc 2.7 KiB ee72e769346eb3945cd9e12c9cd89c6b15c3f137fdf4dc4076138bbcdd8f6f76

View changes file

Binary packages built by this source

python-django: No summary available for python-django in ubuntu yakkety.

No description available for python-django in ubuntu yakkety.

python-django-common: No summary available for python-django-common in ubuntu yakkety.

No description available for python-django-common in ubuntu yakkety.

python-django-doc: No summary available for python-django-doc in ubuntu yakkety.

No description available for python-django-doc in ubuntu yakkety.

python3-django: No summary available for python3-django in ubuntu yakkety.

No description available for python3-django in ubuntu yakkety.