Back to python-django PTS page

Accepted python-django 1.7.11-1+deb8u9 (source all) into oldoldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 04 Jun 2020 16:17:33 +0100
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Built-For-Profiles: nocheck
Architecture: source all
Version: 1.7.11-1+deb8u9
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Changes:
 python-django (1.7.11-1+deb8u9) jessie-security; urgency=medium
 .
   * CVE-2020-13254: Potential a data leakage via malformed memcached keys.
 .
     In cases where a memcached backend does not perform key validation, passing
     malformed cache keys could result in a key collision, and potential data
     leakage. In order to avoid this vulnerability, key validation is added to
     the memcached cache backends.
 .
   * CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget.
 .
     Query parameters to the admin ForeignKeyRawIdWidget were not properly URL
     encoded, posing an XSS attack vector. ForeignKeyRawIdWidget now ensures
     query parameters are correctly URL encoded.
 .
   For more information, please see:
   <https://www.djangoproject.com/weblog/2020/jun/03/security-releases/>.
 .
   * Fix up test failures introduced in 1.7.11-1+deb8u3 via the fix for
     CVE-2018-7537.
   * Fix up test failures introduced in 1.7.11-1+deb8u8 via the fix for
     CVE-2019-19844.
Checksums-Sha1:
 291ca5477b2078e41a157ac29bbb341acfc1f7a8 2721 python-django_1.7.11-1+deb8u9.dsc
 f9abaf7eacec73bc1c5e6080e2778a7174ebf9d4 7586798 python-django_1.7.11.orig.tar.gz
 e25f0ba6df34617d7838474fa6caa04221dbaae4 43088 python-django_1.7.11-1+deb8u9.debian.tar.xz
 7b39f911b8be01604391cda85f9a8840ca9023cb 986598 python-django_1.7.11-1+deb8u9_all.deb
 f655c550c469921553f5f56a23d4295a4e88f09b 975122 python3-django_1.7.11-1+deb8u9_all.deb
 682f864abeb1184cfba7a8503d684947f6135ea0 1491566 python-django-common_1.7.11-1+deb8u9_all.deb
 fcf0eb96f8d6ce68f152302a1b4712830ab337e9 2478808 python-django-doc_1.7.11-1+deb8u9_all.deb
Checksums-Sha256:
 6ea904eea472712b2d88ecb998c1141facc44f6003d8004928be83a74e090391 2721 python-django_1.7.11-1+deb8u9.dsc
 2039144fce8f1b603d03fa5a5643578df1ad007c4ed41a617f02a3943f7059a1 7586798 python-django_1.7.11.orig.tar.gz
 487166c91d0cc17aef04b1b02341c8b5bf3f354fe39144c73df357ef908e548c 43088 python-django_1.7.11-1+deb8u9.debian.tar.xz
 ca5a5ca1dd5935f12f63e950800b62bbf68cd181f2e74de8c68a533636171343 986598 python-django_1.7.11-1+deb8u9_all.deb
 22d085025a73532e460032110a183d3e5f0d8b9d7e357cef2239bdf8ed5f2338 975122 python3-django_1.7.11-1+deb8u9_all.deb
 d3d66fb9990266e27a5d4e536ed34cf5aadabe2290c489a2919ab72b7a1402af 1491566 python-django-common_1.7.11-1+deb8u9_all.deb
 a0642fea58bb737d0a1f863d0c6120738a6c50b449988335195d0bfecb718e67 2478808 python-django-doc_1.7.11-1+deb8u9_all.deb
Files:
 b18938f45b74873b7b87448a2e5cf747 2721 python optional python-django_1.7.11-1+deb8u9.dsc
 030b2f9c99a6e4e0418eadf7dba9e235 7586798 python optional python-django_1.7.11.orig.tar.gz
 f5b11453cf9f7311cf87c6212be68aa7 43088 python optional python-django_1.7.11-1+deb8u9.debian.tar.xz
 599d60a633d2a69fe718b09390fec22a 986598 python optional python-django_1.7.11-1+deb8u9_all.deb
 af8546330ecf233e8c84db8e759be199 975122 python optional python3-django_1.7.11-1+deb8u9_all.deb
 57ea81ff8340c0f2b83b4e113d2e9637 1491566 python optional python-django-common_1.7.11-1+deb8u9_all.deb
 d22097e5016a670c54edfd8d1303649e 2478808 doc optional python-django-doc_1.7.11-1+deb8u9_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7ZGdYACgkQHpU+J9Qx
Hlh+ZBAAhVSdbzUHtyPtjECYZuaDMur+CMY/FiLlLCQ1Mb9yKN5PgzY8sI4cA9bH
5Xz8+pYskSNWm9Kw3xpEf8CfsqHU8eYl7Yv8O9VtuAAvwVztjFhFquZ2eqoPjw8j
OI4gi9iIW6hU7pPvaCwL40s/wlGaMyDkfQeW/fUnmxY0FxGm+n0K7X2xjR8olbo0
e5DV4y/jBgqvzCiSxQ7Zn40vUeAE16fhRXLbNXPjoQlHhu3BRjt4SjHBcxQeiaz4
hPCiGG1FnrthzgGnjBCUEdoCb3/kC+DNtt72wkKR2pj0Wmix1Ba4dt5ByVtlBPzB
qAVruur/dbB8zbn8swj2HqHa4pdzKbJwBSqNcr+dfZJyuMZIhJ0TFdyhBsyNqbu8
Qn6Ix7Zj65cBQIoHPJ4COA1xl2oB5F6gSTJk5N6Uc+47MPdOYvVDFfW5bGXzE+LU
GIvmRGoQxttdP4oGeezMfFpvNey5ehgi7txv2QI9kJCSfmkR3RPF6AgfwNllT6tO
mMC0oRpBpsGrsYdKtx7LNQSV6FA/oRmuvEhCiCrZLNL2fLCu2/qj7rK4iW6dHGrv
kELK7CnysmgwaRuUKtBxlrmtJWP88mK5uS4lXQTUx7fBC8t1UXC6UA/0Pwc+2zFN
xA3iGk7pDhYTy7nGs9qM+Mx/g7CyFre3oD39qZvO0hjZTjw7VS8=
=0UBQ
-----END PGP SIGNATURE-----