-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 12 May 2014 21:42:47 +0200 Source: python-django Binary: python-django python-django-doc Architecture: source all Version: 1.2.3-3+squeeze9 Distribution: squeeze-security Urgency: high Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: python-django - High-level Python web development framework python-django-doc - High-level Python web development framework (documentation) Changes: python-django (1.2.3-3+squeeze9) squeeze-security; urgency=high . * Non-maintainer upload by the Security Team. * Add CVE-2014-0472.patch patch. CVE-2014-0472: Unexpected code execution using ``reverse()`` * Add CVE-2014-0472-regression.patch patch. Fix regression introduced by the original fix for CVE-2014-0472. Restored the ability to reverse views created using functools.partial. * Add CVE-2014-0473.patch patch. CVE-2014-0473: Caching of anonymous pages could reveal CSRF token. * Add CVE-2014-0474.patch patch. CVE-2014-0474: MySQL typecasting could result in unexpected matches. Checksums-Sha1: 7bd265030ef5db3769eb207446a8ea401e1825ca 2198 python-django_1.2.3-3+squeeze9.dsc 1a3a6a62d74b08dba4b475c00c7b6fed7825ad06 52767 python-django_1.2.3-3+squeeze9.debian.tar.gz 0c3191880ed3f5a6d49bae3ca7105707b0082de5 4155832 python-django_1.2.3-3+squeeze9_all.deb 20b04672d7c5ebd0a61a6d92cb4d6bec28465bfb 1908696 python-django-doc_1.2.3-3+squeeze9_all.deb Checksums-Sha256: 1e0ed73990a92a42abcfdec91467635c616a795a37a51302e7b024534e85f7f6 2198 python-django_1.2.3-3+squeeze9.dsc 954611547203207e9f92a7c3aa57dbe59625ff196792c712c4c93a3a7bf35c74 52767 python-django_1.2.3-3+squeeze9.debian.tar.gz fd5add960b4e57966466bc12ce45397d71aea819ab12108c6374d049082c212a 4155832 python-django_1.2.3-3+squeeze9_all.deb ddf56f390ad2acd1c5e25dc882ff06289ad835378c8adbede8b6b4d4742a67cc 1908696 python-django-doc_1.2.3-3+squeeze9_all.deb Files: cd53ab226740a6c956cc1e39a6f4e8c2 2198 python optional python-django_1.2.3-3+squeeze9.dsc b8d857dbd4f8fc5b27fc3c94209c6931 52767 python optional python-django_1.2.3-3+squeeze9.debian.tar.gz 3baed6e2cf10faf0b7b2f5efae682aa5 4155832 python optional python-django_1.2.3-3+squeeze9_all.deb 01409bbd10e6a66df9e639c6948112cf 1908696 doc optional python-django-doc_1.2.3-3+squeeze9_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTcSZ0AAoJEAVMuPMTQ89EScAP/iXnHRuqNfoQfR216jZiWhXe uL6eFDzSD0qhFIfZyHtbl0ikckZMWaK3I2VmvIi3fBxYUaC4fl5xjUhMhoqHzkxb K/LsRD3lZcHHBzIkzTlhrLH9h+Vbvcj8JKghmp1wyjDNwrNZCgCKQ/gVtwbnIBu5 khDKA75foE48CbU8BTJXlh+zUgWkSxGpH07ZNQ2XVcQfJQUCB8Ug0JExsx7s/goN UEK3tWP4Kw4PL2u76DY10wAzrBHMt+OX2PVhU7D4rqNtZozjaFTNtJm1PMf1xds6 2qZwJ+yFSQpR9AluPWI4Cfw2rKZJCUlb1mQscKR3h3XvYmbayMJ9XBbE0iAFeaYc 6WfUpBas67N+omlwha7pj9nvXdG7pC/KzwBKZbRlcvZLwiCY6ts6JVzfrDcCMx0m ospJz/szSVztCJDXjXNKhqzltyHnnnrNvAs9863KOUWTUnutRC+CzLB5pNndfNK9 6GYYUDb0qTOiTRebe/is+cH6xVOli5KLvADmMl38mkw9ccPEBxHm+bcewXGNSNUp RSG/Jdw7laImccaZNlrR7+Nz7nIJYhZNacYHadAvBq/8voCzpdC/NM/CHl3WGcux 2aKUGGsut0UCu/3CVtrmWo8RkNJId3YxiBrLBuVIPXZWO5BTViQB53UYeSs613Ie nqWNiXq8ynU6TYLlIo/y =XxFQ -----END PGP SIGNATURE-----