[ubuntu/xenial-proposed] python-django 1.8.7-1ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri Mar 4 17:04:19 UTC 2016
python-django (1.8.7-1ubuntu3) xenial; urgency=medium
* SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251)
- debian/patches/CVE-2016-2512-regression.patch: force url to unicode
in django/utils/http.py, added test to
tests/utils_tests/test_http.py.
- CVE-2016-2512
Date: Fri, 04 Mar 2016 11:03:43 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-django/1.8.7-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 04 Mar 2016 11:03:43 -0500
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source
Version: 1.8.7-1ubuntu3
Distribution: xenial
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
python-django - High-level Python web development framework (Python 2 version)
python-django-common - High-level Python web development framework (common)
python-django-doc - High-level Python web development framework (documentation)
python3-django - High-level Python web development framework (Python 3 version)
Launchpad-Bugs-Fixed: 1553251
Changes:
python-django (1.8.7-1ubuntu3) xenial; urgency=medium
.
* SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251)
- debian/patches/CVE-2016-2512-regression.patch: force url to unicode
in django/utils/http.py, added test to
tests/utils_tests/test_http.py.
- CVE-2016-2512
Checksums-Sha1:
5231c121b3543d07208ad622ef370b187e50c8e1 2787 python-django_1.8.7-1ubuntu3.dsc
a4de8dc2d82b87925cdad921e0aaec308ea9623f 30004 python-django_1.8.7-1ubuntu3.debian.tar.xz
Checksums-Sha256:
a37cd24f13f256ed35563451e2fc1674f334dd560e71c3ed6f3322f2ec95a7af 2787 python-django_1.8.7-1ubuntu3.dsc
a1c22d1fed0136c284845e4cf3363c3dc9377e146e2486930893b0b55b0572c4 30004 python-django_1.8.7-1ubuntu3.debian.tar.xz
Files:
09a2ed6cf0d2994575952e4127a1199a 2787 python optional python-django_1.8.7-1ubuntu3.dsc
8afd2a3af882a1e20e0af4f4847983fd 30004 python optional python-django_1.8.7-1ubuntu3.debian.tar.xz
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJW2b+1AAoJEGVp2FWnRL6TXysP/3w807mz3ElE5hFbqGuHv5/m
CcEAVHPP0nfwx1EVDq8rSoBX3KntaLhr2+lyzCadenrAqRJORrrAjf2b9uzdxoeu
mXtQNw9ciiUqaBIGn/dp4Ikcysj65zvk48ZRR0hiw0nevU4DKXQZoIM6+5HGSj6x
YZwL0TXbGNQsHrOK6Yx+eLxTQ59LQy93Lk7M/CHDchns0bQH+5LrBrZCAiJJE6Zg
GKUj264QgheWP1j2SteAavKcfxDf6Zi8EtsVB/CO46/KTkkpQuHepgBJqilsm9pc
xwdmEVBT8IF/GK/g6nEJNvgaMIjeIQZwzR2/P6yAJaQB3H/SrgO+IJMEg6G+OF4z
YrdrpavSKCP50irY412tyNieOeQP/bxjVIlWfy2VtBm9LEIoUeRmJ503tJN1Bpgx
xOWGU1dgP8xXY39sW0luXo0y60Nh6+PrtvmcEiXWQ8/3cE7WaDrTUh/1LOxrCbk2
+l0o1s8z07o/JZd6tzUHt6kWu2iHyTjNsJ2rv5Ftfb+X/vxEM0cjsr0/uUKg9hEP
vtPVeLZ/DCSoMgUXUXetK0Nq2IDp30BHk8hB9ckDIHyk4HjXMBaukQk3HwcnwWz6
52j2uxwtCfj/Tm/LkP/44YLJxVKpOVTQ/8anD9uqavp+674X4uFYBaXd9yQSSCN3
tOMAMtw3TYK3v9QCqUlj
=SsJg
-----END PGP SIGNATURE-----
More information about the Xenial-changes
mailing list