[ubuntu/lucid-security] python-django 1.1.1-2ubuntu1.12 (Accepted)

Seth Arnold seth.arnold at canonical.com
Thu May 15 00:44:25 UTC 2014

python-django (1.1.1-2ubuntu1.12) lucid-security; urgency=medium

  * SECURITY UPDATE: cache coherency problems in old Internet Explorer
    compatibility functions lead to loss of privacy and cache poisoning
    attacks. (LP: #1317663)
    - debian/patches/drop_fix_ie_for_vary_1_4.diff: remove fix_IE_for_vary()
      and fix_IE_for_attach() functions so Cache-Control and Vary headers are
      no longer modified. This may introduce some regressions for IE 6 and IE 7
      users. Patch from upstream.
    - CVE-2014-1418

Date: 2014-05-14 19:21:14.010768+00:00
Changed-By: Seth Arnold <seth.arnold at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Lucid-changes mailing list