[ubuntu/precise-updates] python-django 1.3.1-4ubuntu1.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Sep 10 13:29:15 UTC 2012
python-django (1.3.1-4ubuntu1.2) precise-security; urgency=high
[ Scott Kitterman ]
* SECURITY UPDATE: multiple issues (LP: #1031733)
* References CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
* New upstream release to address three security issues:
- Cross-site scripting in authentication views
- Denial-of-service in image validation
- Denial-of-service via get_image_dimensions()
* Added debian/patches/security_http_redirects,
security_image_uploading_two, and security_image_uploading cherry picked
from upstream git
[ Marc Deslauriers ]
* debian/patches/security_http_redirects: remove unrelated changes, add
python 2.4 regression fix.
Date: 2012-09-06 13:40:15.056612+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/precise/+source/python-django/1.3.1-4ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list