-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 02 Aug 2012 11:05:53 +0200 Source: python-django Binary: python-django python-django-doc Architecture: source all Version: 1.2.3-3+squeeze3 Distribution: stable-security Urgency: high Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: python-django - High-level Python web development framework python-django-doc - High-level Python web development framework (documentation) Closes: 683364 Changes: python-django (1.2.3-3+squeeze3) stable-security; urgency=high . * Stable security upload: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/ Fixes: CVE-2012-3442 CVE-2012-3443 CVE-2012-3444 * Apply/backport the 3 security patches: - debian/patches/16_fix_cross_site_scripting_in_authentication.diff - debian/patches/17_fix_dos_in_image_validation.diff - debian/patches/18_fix_dos_via_get_image_dimensions.diff Closes: #683364 Checksums-Sha1: db06de100f0cdc9c764d1ae90bbd7c148cae7c27 2214 python-django_1.2.3-3+squeeze3.dsc 5840c65319e6889984bb33d343778ee524811174 30059 python-django_1.2.3-3+squeeze3.debian.tar.gz 06dde38874023f139ad41a6481254b7a1a82b873 4239072 python-django_1.2.3-3+squeeze3_all.deb 2527f396d2606ae3165490215e9c9d5a0e4bc2cb 1903824 python-django-doc_1.2.3-3+squeeze3_all.deb Checksums-Sha256: be216548b799068b8604a56a0cb1b47f68db32f072bb0e4c7e5964f1bd58ac31 2214 python-django_1.2.3-3+squeeze3.dsc 39d24cf22c491fedeb978f93bca3a69e4caa15f4a73e7653a60e1c427139bff1 30059 python-django_1.2.3-3+squeeze3.debian.tar.gz 5addcb469066d34a44281fe07aec301752d860ed3571416d69c1257bcd088054 4239072 python-django_1.2.3-3+squeeze3_all.deb 09859529e501cef1b6a426b52ae0c6feb3fd8a005cbdb0b154ef4573c61734f0 1903824 python-django-doc_1.2.3-3+squeeze3_all.deb Files: db76d856e41f2afd3627bd835fbdf211 2214 python optional python-django_1.2.3-3+squeeze3.dsc 03d8d20663be27efb684d4664c5f7cd8 30059 python optional python-django_1.2.3-3+squeeze3.debian.tar.gz debd8f20a11aa5e0fabf6a6f2c3382f1 4239072 python optional python-django_1.2.3-3+squeeze3_all.deb b3e52e2447fb48ec6236b702293150f6 1903824 doc optional python-django-doc_1.2.3-3+squeeze3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Signed by Raphael Hertzog iQIcBAEBCAAGBQJQGlcxAAoJEOYZBF3yrHKaP3MQALXyByLhrIw9Vu6DYqI0AR6t OU63Y0eQ0BWIvgBhhknjrf7TpdUmQogLwn4UUCgWFamiuBXKYNXc8WoQkRlM6Qq/ jasDemsyWJ/7VmFELbW6KV2phl8ZRHx4KGi9G+p1P7GsLeIf8/oIgWVTwMwcA/Me cocZ6wiRAZLAwfkM0O7/UQ6IbXbPZvlNiWi2j39LowPSXCmkA4Za4kYVNGqoTJbT KfJAtjjThHTAZGRH8ucczmxZhv5PMy6IXVwXmNt4DenvbVy4acDbfavky88M/vN2 ReIgQEvJgtcEBNTPkAK8iDZGyK0HJElQ6nD4XuV06wc+DP0EuN7U0g2Mx50IdW9X Loj2OGpIQXncsOKPEfL2SJeg+mt36Tgofvz+Te8PI2ahMGw9vgadmK5CWvU/+pEE rGpVgYVNLkndTkMVKjObVfzFCLiJczPplLDRf3M2DlTQ+KhK7yvySoQ3udFROeCZ Ht+fDPteUFWDMQqa4awmajYGLpYkEpTcd0myOhhoz67DfrqTWhYlS09HrsJlbxUa c/mTCdvVl7ckjIie+jRmSkTxkVwIyvJBlZy9LVbTDz3+hqgK3xgmwYZgRLXiVGva WdWJFmDWO1UmvLJ2vAAkBE+9gaNzNIkn8jf3zfMNMscXhk1f2bYBFO9+YjSORJ0f qR72hm02HVrWHewU6Ywb =otkq -----END PGP SIGNATURE-----