[ubuntu/oneiric-security] python-django-piston 0.2.2-1ubuntu1.11.10.1 (Accepted)

Julian Taylor jtaylor.debian at googlemail.com
Wed Nov 9 21:03:23 UTC 2011


python-django-piston (0.2.2-1ubuntu1.11.10.1) oneiric-security; urgency=low

  * SECURITY UPDATE: remote code execution vulnerability. LP: #884910
    - 02-fix-yaml-load.diff: use yaml.safe_load
    - 03-fix-pickle-load.diff: disable unpickling, backport from 0.2.3, patch
      thanks to Debian
    - https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/
    - CVE-2011-4103

Date: Wed, 02 Nov 2011 19:18:12 +0100
Changed-By: Julian Taylor <jtaylor.debian at googlemail.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/python-django-piston/0.2.2-1ubuntu1.11.10.1
-------------- next part --------------
Format: 1.8
Date: Wed, 02 Nov 2011 19:18:12 +0100
Source: python-django-piston
Binary: python-django-piston
Architecture: source
Version: 0.2.2-1ubuntu1.11.10.1
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Julian Taylor <jtaylor.debian at googlemail.com>
Description: 
 python-django-piston - Django mini-framework creating RESTful APIs
Launchpad-Bugs-Fixed: 884910
Changes: 
 python-django-piston (0.2.2-1ubuntu1.11.10.1) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: remote code execution vulnerability. LP: #884910
     - 02-fix-yaml-load.diff: use yaml.safe_load
     - 03-fix-pickle-load.diff: disable unpickling, backport from 0.2.3, patch
       thanks to Debian
     - https://www.djangoproject.com/weblog/2011/nov/01/piston-and-tastypie-security-releases/
     - CVE-2011-4103
Checksums-Sha1: 
 190c21594b8966b4f409f16ce54e470ab4801045 2290 python-django-piston_0.2.2-1ubuntu1.11.10.1.dsc
 3d345d7b473ff135b92252cc8adbb59f3254220e 4878 python-django-piston_0.2.2-1ubuntu1.11.10.1.debian.tar.gz
Checksums-Sha256: 
 a624e50a8018dce144687172b8fbbb49ca63a6ff732c2cf93de3c08b23e2c0b8 2290 python-django-piston_0.2.2-1ubuntu1.11.10.1.dsc
 c7ad556d1b966a16b8acbdd38d1d5bbcbf2c45e68b612f094862e18dfdd1d5b7 4878 python-django-piston_0.2.2-1ubuntu1.11.10.1.debian.tar.gz
Files: 
 80b999817c6d6bb647377da413a44ce1 2290 python optional python-django-piston_0.2.2-1ubuntu1.11.10.1.dsc
 699d106977e292bea925caff84758f2c 4878 python optional python-django-piston_0.2.2-1ubuntu1.11.10.1.debian.tar.gz
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>

