Back to python-django PTS page

Accepted python-django 1.4.5-1+deb7u15 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted python-django 1.4.5-1+deb7u15 (source all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 08 Apr 2016 09:49:41 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1aoT2r-0004n0-HZ@franck.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2016 07:18:04 +0100
Source: python-django
Binary: python-django python-django-doc
Architecture: source all
Version: 1.4.5-1+deb7u15
Distribution: wheezy-security
Urgency: high
Maintainer: Chris Lamb <lamby@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description: 
 python-django - High-level Python web development framework
 python-django-doc - High-level Python web development framework (documentation)
Closes: 816434
Changes: 
 python-django (1.4.5-1+deb7u15) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2016-2512: Prevented spoofing is_safe_url() with basic auth.
     Malicious redirect and possible XSS attack via user-supplied redirect
     URLs containing basic auth. (Closes: #816434)
   * is_safe_url() crashes with a byestring URL on Python 2.
     Fixes a regression introduced by the original fix for CVE-2016-2512.
   * CVE-2016-2513: Fixed user enumeration timing attack during login
     (Closes: #816434)
Checksums-Sha1: 
 281e4dba3ba0ca414b3d7360f52f3d9acb9ce956 2257 python-django_1.4.5-1+deb7u15.dsc
 1c3af1148f8e8e2efc3a95248c62d35cc8db5fac 52428 python-django_1.4.5-1+deb7u15.debian.tar.xz
 ba4f59dd152b46e3fce18779afcd026e949b8e48 5334228 python-django_1.4.5-1+deb7u15_all.deb
 f2a44164d0036a3718cc88ec60503cda7ac51acf 2435638 python-django-doc_1.4.5-1+deb7u15_all.deb
Checksums-Sha256: 
 1b34b4c39ab6505037ef3c5557d12e38e674781ed33fe0097c150c3f6cb48985 2257 python-django_1.4.5-1+deb7u15.dsc
 18f6c78e2ccbffd3945bf0f6b010ca18b405e9228e96d97c177a7cf0d81982a9 52428 python-django_1.4.5-1+deb7u15.debian.tar.xz
 9a97b41dba1b8268c0cd13e9e41db2a5e870787d98ba2c8cb3835a14748d9958 5334228 python-django_1.4.5-1+deb7u15_all.deb
 092ccf784d4b89c3b9c10859a06e80e1a6078230de17dc9ea4afba432f05eb36 2435638 python-django-doc_1.4.5-1+deb7u15_all.deb
Files: 
 0c31996b847c9585b83ef290d0f4c0f8 2257 python optional python-django_1.4.5-1+deb7u15.dsc
 8204800801f13a380da90c72e7d5bc38 52428 python optional python-django_1.4.5-1+deb7u15.debian.tar.xz
 fcd0e9c0e2beb9265fea39c3f020e7e0 5334228 python optional python-django_1.4.5-1+deb7u15_all.deb
 a8fec55c5f0ce595e42274f3e6c751aa 2435638 doc optional python-django-doc_1.4.5-1+deb7u15_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJW7Qp5AAoJEAVMuPMTQ89E23wQAJaSNk/e50fV+iabjVLhCtYd
08c5OrmQjpHwCld50wn85RducKijhOwjkCDlTjK0ocesoAWv3DSh3lnCCiogJmPH
6AWXXCm5afH9PA4ojHThYCE/ZDyjR/kisdnM0/DuBfz4dMpGUvD4BaXjh+iIVmCm
Yloe5i/dcgmeDju54K5EknvvUJwm8T/JxeWVHkrHQ1QStVgbyzQAWerfc4FAollr
C1e9LzrOxr+67dDdB9JoGBpLhvTOy6vjjUjnhnpE5nPeVHpEkP0uwMjOXjXldVxn
CgFK6zOYNdDCoMbOKzE2P/k00kpnEFbWKQvtZ32J35zuwJ1qO/i5INgxjhi5TwXI
Cr6Dn/uaNJA4ujBkqmPe7AbP7SVNlGWJ7lHNBzkGHP9kYlCEUyZAH45wmknGdXMP
Xx3PCo9da3NuC/ncvO3xLGE1F4N/dpYeXA8FfxNhjn64XazcU72seDIzaXSsa0l9
5TlWCGa/LY4rYu9j2ai58zG2k/sA379PWPmvIHjZUjWAWErK0WAA0XVrjDKWAagj
ohA8AwWaVYgU90ivqcW9n5LPH38Obrceeb7798PE+hnDCmkQcdGjMEg4DZZOufYv
CUN2NChISilrL0xfVOoHukueOwYHiCQQhGsORGEWFfiC1X0cycs/rk0UIXi8Lb4T
+FDCW0YzC6jBE13lPwPS
=cCmg
-----END PGP SIGNATURE-----