python-django 1.2.3-1ubuntu0.2.10.10.1 source package in Ubuntu
Changelog
python-django (1.2.3-1ubuntu0.2.10.10.1) maverick-security; urgency=low
* SECURITY UPDATE: information leak in admin interface
- debian/patches/07_security_admin_infoleak.diff: validate querystring
lookup arguments either specify only fields on the model being viewed,
or cross relations which have been explicitly whitelisted.
- CVE-2010-4534
* SECURITY UPDATE:
- debian/patches/08_security_pasword_reset_dos.diff: adjust
base36_to_int() function in django.utils.http will now validate the
length of its input; on input longer than 13 digits (sufficient to
base36-encode any 64-bit integer), it will now raise ValueError.
Additionally, the default URL patterns for django.contrib.auth will now
enforce a maximum length on the relevant parameters.
- CVE-2010-4535
-- Jamie Strandboge <email address hidden> Mon, 03 Jan 2011 11:28:10 -0600
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Maverick
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_1.2.3.orig.tar.gz | 6.0 MiB | cb830f6038b78037647150d977f6cd5cf2bfd731f1788ecf8758a03c213a0f84 |
| python-django_1.2.3-1ubuntu0.2.10.10.1.debian.tar.gz | 21.1 KiB | 37e643997ad12006bd49e40319ad8c7f5c271f45b26c34a78ab0ca74a5c21e62 |
| python-django_1.2.3-1ubuntu0.2.10.10.1.dsc | 2.2 KiB | 32f851ecf60432da5fecd6f629cd93f7767f5efeab825cb41e972b150619acfa |
Available diffs
Binary packages built by this source
- python-django: No summary available for python-django in ubuntu maverick.
No description available for python-django in ubuntu maverick.
- python-django-doc: No summary available for python-django-doc in ubuntu maverick.
No description available for python-django-doc in ubuntu maverick.
