[ubuntu/wily-proposed] python-django 1.7.7-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri Jun 26 14:05:23 UTC 2015 

python-django (1.7.7-1ubuntu1) wily; urgency=medium

  * Merge with Debian; remaining changes:
    - debian/patches/99_fix_multipart_base64_decoding_large_files.patch:
      Fix Multipart base64 file decoding with large files ensuring that the
      actual base64 content has a length a multiple of 4.
  * Removed patches included in new version:
    - debian/patches/CVE-2015-2316.patch
    - debian/patches/CVE-2015-2317.patch
  * debian/patches/fix_sqlite_ftbfs.patch: fix FTBFS with newer SQLite.
  * debian/patches/fix_ftbfs_python2710.patch: fix FTBFS with newer python.

python-django (1.7.7-1) unstable; urgency=high

  * New upstream security and bugfix release:
    https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
    It fixes:
    - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs
      Closes: #780873
    - CVE-2015-2316: Denial-of-service possibility with strip_tags()
      Closes: #780874

Date: Fri, 26 Jun 2015 08:58:01 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-django/1.7.7-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 26 Jun 2015 08:58:01 -0400
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source
Version: 1.7.7-1ubuntu1
Distribution: wily
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 780873 780874
Changes:
 python-django (1.7.7-1ubuntu1) wily; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - debian/patches/99_fix_multipart_base64_decoding_large_files.patch:
       Fix Multipart base64 file decoding with large files ensuring that the
       actual base64 content has a length a multiple of 4.
   * Removed patches included in new version:
     - debian/patches/CVE-2015-2316.patch
     - debian/patches/CVE-2015-2317.patch
   * debian/patches/fix_sqlite_ftbfs.patch: fix FTBFS with newer SQLite.
   * debian/patches/fix_ftbfs_python2710.patch: fix FTBFS with newer python.
 .
 python-django (1.7.7-1) unstable; urgency=high
 .
   * New upstream security and bugfix release:
     https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
     It fixes:
     - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs
       Closes: #780873
     - CVE-2015-2316: Denial-of-service possibility with strip_tags()
       Closes: #780874
Checksums-Sha1:
 01e4542703c54e0f0f95947ee0e561a8503f551f 2729 python-django_1.7.7-1ubuntu1.dsc
 614cc9f8e1af6630c54300f6bdd88e7b783614c3 7603286 python-django_1.7.7.orig.tar.gz
 cc524c6c6d5e423c35ae459eec70d59b4de8b513 24820 python-django_1.7.7-1ubuntu1.debian.tar.xz
Checksums-Sha256:
 d3c1adf866bcdaade29e7394f4039457ec440e65297cd7d891de0ce936be48d0 2729 python-django_1.7.7-1ubuntu1.dsc
 4816f892063569ca9a77584fa23cb4995c1b3b954ef875102a8219229cbd2e33 7603286 python-django_1.7.7.orig.tar.gz
 b1448983ce51c8aa47d03e3e02397b11bf4650db3c26a1fbe4f983e13bc2f619 24820 python-django_1.7.7-1ubuntu1.debian.tar.xz
Files:
 46728ca432d53ff7ed98932e13607803 2729 python optional python-django_1.7.7-1ubuntu1.dsc
 a62d6598966947d150525ad2ab20fb0c 7603286 python optional python-django_1.7.7.orig.tar.gz
 de4bfc38c0e6f36c11afb63260f7399a 24820 python optional python-django_1.7.7-1ubuntu1.debian.tar.xz
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVjVupAAoJEGVp2FWnRL6TcIAP/1TOkd5SZ2JFteSGSa3/nu8J
LJn9/7KB5MGE9cCqr9ofyKxooPVCZmvnCzH396VQ2lTTBtQ8EhFmZFf3Nu8FJMQt
4euCz2sM/wWHWoV47qHDnIhgpY9jU7UqwKBMGEO5nfbKzVasDLEtNlFJ1wbrqjEe
R/kTA1OS3NmNT92zBwFigkUnmm9Ho82bjcXhc+fDwQ9hhpOqtFhx5nBgNbETCRD4
egnr75IcoYPp76RI2nlxVC4CXj3HuESRgrB3GLk7HcfSs27lWiGD+5NY3ryTiDfq
dno9jPXgOgZs0QoSed3SEmPJ7Qz/FRV1gNjPW6iOudNY1DVx16ybSmCwUQQ0x6Hn
WBdhHeYOLTcTtWJklXOAJzjoiPhAn8iUDfhiTUfchIGMatS3XvrvSS4yJ7wu39kj
Ev8A+OjLRfxbklfx3yde1zUyUMTf7ea+5IdvVKiBK6gYlLApA3cw8v+YDwRzSDcA
HnGXPFNeNWlUpp1x4gCaHG75zhzWSjVCxRmVF6c9FbR6wyeJFMWKYg3EaRlkbK9P
NxEw/nFomnphnLD+wkvlUT7i0hZHf0WfrXJJeLyPcagW6z/ZTe3rt0aL8q5wYx0p
3+1XcJWA+4xAeUY4BwRc8ew0dWdmjLGRmCIukLDEVXWFfn/aJ65sEsgivWKM9hCC
varhQyJSkqMUONFV7Qxf
=j5RD
-----END PGP SIGNATURE-----

More information about the Wily-changes mailing list