Publishing details

Published on 2014-05-15

Changelog

python-django (1.5.4-1ubuntu1.3~cloud0) precise-havana; urgency=medium

  * New update for the Ubuntu Cloud Archive.

python-django (1.5.4-1ubuntu1.3) saucy-security; urgency=medium

  * SECURITY UPDATE: cache coherency problems in old Internet Explorer
    compatibility functions lead to loss of privacy and cache poisoning
    attacks. (LP: #1317663)
    - debian/patches/drop_fix_ie_for_vary_1_5.diff: remove fix_IE_for_vary()
      and fix_IE_for_attach() functions so Cache-Control and Vary headers are
      no longer modified. This may introduce some regressions for IE 6 and IE 7
      users. Patch from upstream.
    - CVE-2014-1418
  * SECURITY UPDATE: The validation for redirects did not correctly validate
    some malformed URLs, which are accepted by some browsers. This allows a
    user to be redirected to an unsafe URL unexpectedly.
    - debian/patches/is_safe_url_1_5.diff: Forbid URLs starting with '///',
      forbid URLs without a host but with a path. Patch from upstream.
 -- Openstack Ubuntu Testing Bot <email address hidden>   Thu, 15 May 2014 04:03:49 -0400

Available diffs

diff from 1.5.4-1ubuntu1.2~cloud0 to 1.5.4-1ubuntu1.3~cloud0 (3.7 KiB)

Builds

i386

Built packages

python-django High-level Python web development framework

python-django-doc High-level Python web development framework (documentation)

Package files

python-django-doc_1.5.4-1ubuntu1.3~cloud0_all.deb (2.5 MiB)
python-django_1.5.4-1ubuntu1.3~cloud0.debian.tar.gz (30.3 KiB)
python-django_1.5.4-1ubuntu1.3~cloud0.dsc (2.3 KiB)
python-django_1.5.4-1ubuntu1.3~cloud0_all.deb (5.3 MiB)
python-django_1.5.4.orig.tar.gz (7.7 MiB)