[ubuntu/artful-updates] python-django 1:1.11.4-1ubuntu1.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Feb 7 14:28:10 UTC 2018


python-django (1:1.11.4-1ubuntu1.1) artful-security; urgency=medium

  * SECURITY UPDATE: cross-site scripting attack
    - debian/patches/CVE-2017-12794.patch: Fixed XSS possibility in
      traceback section of technical 500 debug page in django/views/debug.py,
      tests/view_tests/tests/py3_test_debug.py.
    - CVE-2017-12794
  * SECURITY UPDATE: AuthenticationForm issue allowed obtain potentially
    sensitive informations
    - debian/patches/CVE-2018-6188.patch: this backport added just a test that
      was missing, major part of the code original patcha and the package were
      already applied in the package. Test add in test/auth_tests/test_forms.py.
    - CVE-2018-6188

Date: 2018-02-06 15:45:19.761346+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/python-django/1:1.11.4-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Artful-changes mailing list