Back to python-django PTS page

Accepted python-django 1.7.7-1+deb8u4 (source all) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 12 Mar 2016 17:13:01 +0100
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source all
Version: 1.7.7-1+deb8u4
Distribution: jessie-security
Urgency: high
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 816434
Changes:
 python-django (1.7.7-1+deb8u4) jessie-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2016-2512: Prevented spoofing is_safe_url() with basic auth.
     Malicious redirect and possible XSS attack via user-supplied redirect
     URLs containing basic auth. (Closes: #816434)
   * is_safe_url() crashes with a byestring URL on Python 2.
     Fixes a regression introduced by the original fix for CVE-2016-2512.
   * CVE-2016-2513: Fixed user enumeration timing attack during login
     (Closes: #816434)
   * Add Build-Depends on python-mock and python3-mock
Checksums-Sha1:
 00bb6e5e4d494cb291995f06150648812bb04fa2 2677 python-django_1.7.7-1+deb8u4.dsc
 d0d0598cff5d7d992713d56b01ea20239efe3add 32696 python-django_1.7.7-1+deb8u4.debian.tar.xz
 0a052de6f4129a2477a2dd2605f27830341975ea 988070 python-django_1.7.7-1+deb8u4_all.deb
 7d4302320aab07c482b63aafece5c2c4173e37d6 971236 python3-django_1.7.7-1+deb8u4_all.deb
 bc144f2c117ee1cda47cef7d2ab298df5590fb34 1497606 python-django-common_1.7.7-1+deb8u4_all.deb
 426955e8a2438f4bda1cceaeec2307a0a6180cca 2488202 python-django-doc_1.7.7-1+deb8u4_all.deb
Checksums-Sha256:
 faea69f01a3f266a885f6bcdacd8b616ad8acf8612e58c36aeb8b1c71c035c5e 2677 python-django_1.7.7-1+deb8u4.dsc
 c049a536683cf513c15fb7d1a79d580dc55414a379265e2da1f89432ef3fa6ec 32696 python-django_1.7.7-1+deb8u4.debian.tar.xz
 f7ae460fcefb0585cf0254effab573711bd253051f1858a705b19d46c6f6ec50 988070 python-django_1.7.7-1+deb8u4_all.deb
 c4bfa80a1395c8c122d919f087485656d6fc7fe7bd2692459a5db5df15f97ca0 971236 python3-django_1.7.7-1+deb8u4_all.deb
 24c61c42ccc63636ba857c3566a72193c30be30b320736f1c4b4d7c558a271c3 1497606 python-django-common_1.7.7-1+deb8u4_all.deb
 2341727645b3e673165555cd754d5823a5f276ab186422a35a6c43f4211f663d 2488202 python-django-doc_1.7.7-1+deb8u4_all.deb
Files:
 c73ad978888bc3b4f9b40e006a59635b 2677 python optional python-django_1.7.7-1+deb8u4.dsc
 44d5bf1cdd95878d7a72e9a7197b294a 32696 python optional python-django_1.7.7-1+deb8u4.debian.tar.xz
 116aaff677194c56a05ab9e358141c0f 988070 python optional python-django_1.7.7-1+deb8u4_all.deb
 d2c8c310ad99680d78f467c7adc1101a 971236 python optional python3-django_1.7.7-1+deb8u4_all.deb
 3ad8133f3946991135a72a1e1e50137f 1497606 python optional python-django-common_1.7.7-1+deb8u4_all.deb
 720cb0275fa7d89925ae854e172da323 2488202 doc optional python-django-doc_1.7.7-1+deb8u4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW7QcTAAoJEAVMuPMTQ89ExBwP/0iyKy4LQkBO+K0/sKbyY1+K
o3pdioVdz5ZfU38hJoqpSALQnkWaaILIxwwNt4iyUcMsJzxRw6BCvKFxeJDaf60R
aIM6n6H34BwTOrmdMqMt7yY57Lg2B5xbMQrYsIc6/M4u76dDg+zlVl3GvLvwhTJk
cxBHCXNJjBimmrkDV3+5RJMmHx5C/UgQkwQPNsWakAZcMkoFO0K6I1C32L9zvdQa
Sfl6SU0veagi5o87rtzLm3C1jbv27ZcfPTrw0mh5YYD1Ranwh5XyBpHHO22msxtb
G29lXg0dFGTuEw/rtA2kwyYVMhNmQcF3MQe6REMsvteZYuKdkQ4IB7r7/Ndp0tIU
B6I10mJ4aNTs3GSCVlMMmLk1RZWbSDcjhSZt8Z+GnNMsqCNabAVut+vpzkNbtiYu
SfHVfuEE1sGwf3eIOiL5aOa2nXkPr8dkCACtQoIA5vSBEfp2ytcsgJC/oBdaOl6W
8orAQ3EcpSQmZvTOba8BhLl3KuuAb6O1DYUT/zaMMMtuoTcgnFECZ/Q8J73B98Zj
mxwxOuyfEFF5hzX7d89XRq+Dzk0sXFW/HsURUNZyU9ir2e6ft0qhhkapzHW1GF0z
4JL+bwykMqjzWVTFg6IHySTDoAqxcda/RZHDdY3lwT4AflTYI+fhm7UVpf1qR7z8
/XNw5H4QZFvXZk2aqvJE
=VtkI
-----END PGP SIGNATURE-----