Accepted python-django 1.2.3-3+squeeze12 (source all) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 28 Jan 2015 18:39:56 +0100
Source: python-django
Binary: python-django python-django-doc
Architecture: source all
Version: 1.2.3-3+squeeze12
Distribution: squeeze-lts
Urgency: medium
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description:
python-django - High-level Python web development framework
python-django-doc - High-level Python web development framework (documentation)
Closes: 775375
Changes:
python-django (1.2.3-3+squeeze12) squeeze-lts; urgency=medium
.
* Backport multiple security fixes released in 1.4 branch:
https://www.djangoproject.com/weblog/2015/jan/13/security/
- WSGI header spoofing via underscore/dash conflation (CVE-2015-0219)
- Possible XSS attack via user-supplied redirect URLs (CVE-2015-0220)
- Denial-of-service attack against django.views.static.serve
(CVE-2015-0221)
* Also include a fix for a regression introduced by the patch for
CVE-2015-0221: https://code.djangoproject.com/ticket/24158
Checksums-Sha1:
a4e19ad8e3ea56a1d3c5d8c8f5feaac8eb8679da 1891 python-django_1.2.3-3+squeeze12.dsc
ff188c8d5b1bdbd8f3892ad9d1af26eae846e3f2 70273 python-django_1.2.3-3+squeeze12.debian.tar.gz
d587c5e226f47f83f873f9e07240aad0d566e1ff 4219974 python-django_1.2.3-3+squeeze12_all.deb
87d87e891c4456db470ceaf16ea8e1edb91c1a43 1898772 python-django-doc_1.2.3-3+squeeze12_all.deb
Checksums-Sha256:
7e87aa2d4de87ec5312a80e46e5c41b2cec5725f1de20345bb443cb677dc7a77 1891 python-django_1.2.3-3+squeeze12.dsc
e55a5d0987c1dbdded3a5381c523c87d3e44558f7bb45d7cf92c523319a95c06 70273 python-django_1.2.3-3+squeeze12.debian.tar.gz
2b8b8de356125d2a0e3afd451d4edfce689699904b49681d6b537c8010cf7365 4219974 python-django_1.2.3-3+squeeze12_all.deb
f549a3b504c073e73a385e02f7894f9889193fc29948093e8badc598ae1a1441 1898772 python-django-doc_1.2.3-3+squeeze12_all.deb
Files:
97497708e02acb6cf77b189e3eacf8b6 1891 python optional python-django_1.2.3-3+squeeze12.dsc
a78e708f15953fc6bfb5d93739916a53 70273 python optional python-django_1.2.3-3+squeeze12.debian.tar.gz
5f938f3163216dd982007fcb1486510f 4219974 python optional python-django_1.2.3-3+squeeze12_all.deb
2d75254e01f944ee7594327b8d2e12f6 1898772 doc optional python-django-doc_1.2.3-3+squeeze12_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Signed by Raphael Hertzog
iQEcBAEBCAAGBQJUyhTRAAoJEAOIHavrwpq5s78H/j6jj77THwki34bg4Vs5AJKe
Xz1k5eDEkutmhIrUePfFQFDLEEW8DlAehUSgTzAeq1v9FaRF4NRDWN0CVRA1v/FV
0I94zirL0Edl5dV9DQX7WLvc3IjjBJ6HPiaUFjcajvnqYQqVInjviRwJ27467jRQ
c8Aab8wtaX9oWXCr/J31p4zrNNKhiv8r0C69448e8HfllsPCfmfllRABTFZ9ATOU
jVKHKCKlElqf/7ZgqTEP1eSCAecEo8rSE49+VQEpfYOkG8wANGbLQ0zZGrKPtgr9
hpT/rzRBnwTBnep6yqkZwFmjbnsLxExGSLkmA94JIOdgYpQkJHFrLduVxvsYBfQ=
=dCBp
-----END PGP SIGNATURE-----