[ubuntu/trusty-updates] python-django 1.6.1-2ubuntu0.10 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Aug 18 18:28:20 UTC 2015


python-django (1.6.1-2ubuntu0.10) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service by filling session store
    - debian/patches/CVE-2015-596x.patch: don't create empty sessions in
      django/contrib/sessions/backends/base.py,
      django/contrib/sessions/backends/cached_db.py,
      django/contrib/sessions/middleware.py, added tests to
      django/contrib/sessions/tests.py, updated docs in
      docs/topics/http/sessions.txt. 
    - CVE-2015-5963
    - CVE-2015-5964

Date: 2015-08-13 17:01:14.385250+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/python-django/1.6.1-2ubuntu0.10
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list