python-django 1.6.6-1ubuntu3 source package in Ubuntu
Changelog
python-django (1.6.6-1ubuntu3) vivid; urgency=medium * SECURITY UPDATE: WSGI header spoofing via underscore/dash conflation - debian/patches/CVE-2015-0219.patch: strip headers with underscores in django/core/servers/basehttp.py, added blurb to docs/howto/auth-remote-user.txt, added test to tests/servers/test_basehttp.py. - CVE-2015-0219 * SECURITY UPDATE: Mitigated possible XSS attack via user-supplied redirect URLs - debian/patches/CVE-2015-0220.patch: filter url in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2015-0220 * SECURITY UPDATE: Denial-of-service attack against django.views.static.serve - debian/patches/CVE-2015-0221.patch: limit large files in django/views/static.py, added test to tests/view_tests/media/long-line.txt, tests/view_tests/tests/test_static.py. - CVE-2015-0221 * SECURITY UPDATE: Database denial-of-service with ModelMultipleChoiceField - debian/patches/CVE-2015-0222.patch: check values in django/forms/models.py, added test to tests/model_forms/tests.py. - CVE-2015-0222 -- Marc Deslauriers <email address hidden> Tue, 13 Jan 2015 07:32:43 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Vivid
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-django_1.6.6.orig.tar.gz | 6.3 MiB | 536cbd54e533ba3563d205f0c91988b24e7d74b8b253d7825e42214b50ba7e90 |
python-django_1.6.6-1ubuntu3.debian.tar.xz | 26.0 KiB | fda73a54268e1a9cea2569bf6d108db55f9c1967a0e47473da14e2c4b706bfaf |
python-django_1.6.6-1ubuntu3.dsc | 2.5 KiB | 73e5aa5b928632d801ee85fa4d088e9e385de42b894ec2c9c38809e7b82886de |
Available diffs
Binary packages built by this source
- python-django: No summary available for python-django in ubuntu vivid.
No description available for python-django in ubuntu vivid.
- python-django-common: No summary available for python-django-common in ubuntu vivid.
No description available for python-
django- common in ubuntu vivid.
- python-django-doc: No summary available for python-django-doc in ubuntu vivid.
No description available for python-django-doc in ubuntu vivid.
- python3-django: No summary available for python3-django in ubuntu vivid.
No description available for python3-django in ubuntu vivid.