-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 20 Aug 2014 19:30:21 -0700 Source: python-django Binary: python-django python3-django python-django-common python-django-doc Architecture: source all Version: 1.6.6-1 Distribution: unstable Urgency: high Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org> Changed-By: Luke Faraone <lfaraone@debian.org> Description: python-django - High-level Python web development framework python-django-common - High-level Python web development framework (common) python-django-doc - High-level Python web development framework (documentation) python3-django - High-level Python web development framework Closes: 757145 Changes: python-django (1.6.6-1) unstable; urgency=high . * New upstream security release. - reverse() can generate URLs pointing to other hosts (CVE-2014-0480) - file upload denial of service (CVE-2014-0481) - RemoteUserMiddleware session hijacking (CVE-2014-0482) - data leakage via querystring manipulation in admin (CVE-2014-0483) . [ Brian May ] * Don't output stuff to stdout in django-admin. Closes: #757145 . [ Raphaël Hertzog ] * Update Vcs-* fields since the packaging repository moved to git. Checksums-Sha1: 43c09273f78369c04f9a663848a8cf5014ff58d8 2409 python-django_1.6.6-1.dsc 8d62f12e64aa75fbb785588105d6bdc93e9bc566 6645456 python-django_1.6.6.orig.tar.gz 5931f75fee689fc8ca1281b993cd2510256157ea 19480 python-django_1.6.6-1.debian.tar.xz bf41b6d0c3012ce440fd9cd485eb82f3381c998f 898622 python-django_1.6.6-1_all.deb 3ef7e7d9be0683e6fc3a07dec61b4aaf348a5b2e 879444 python3-django_1.6.6-1_all.deb 417f4d22e6ec4bcbbcdc7d2938947748c79ee89c 1364314 python-django-common_1.6.6-1_all.deb af00d929115ac0a97026814e700e78d2f51cff06 1900964 python-django-doc_1.6.6-1_all.deb Checksums-Sha256: bd47a5c2f5667984a4507effbd0fab51f76c6fa87b7cd10b3c59d5d307dcab5f 2409 python-django_1.6.6-1.dsc 536cbd54e533ba3563d205f0c91988b24e7d74b8b253d7825e42214b50ba7e90 6645456 python-django_1.6.6.orig.tar.gz bae02d5cc895f8129eb5a49801b1417097256cde3072327e15d31e97687ea907 19480 python-django_1.6.6-1.debian.tar.xz 72390f30dcf8127c60f56a8939ba768519057f1680d574a8f5a6297f4166c8b3 898622 python-django_1.6.6-1_all.deb 7d3c6e155adf99e9034288a86ac7b5f01f3e9864eefc9746c59efbb0573fb11a 879444 python3-django_1.6.6-1_all.deb 6bafc49be85ed530d48b07c697cd494f771513a09e6981bc610d4222e55cb06c 1364314 python-django-common_1.6.6-1_all.deb d6b897fd4bd40c2bee75baec0dc203ac1fb5396eb717aa28a3529fe59eca3c43 1900964 python-django-doc_1.6.6-1_all.deb Files: 0240ff7f722139c1d4c46de7fabdda90 898622 python optional python-django_1.6.6-1_all.deb 03a41425012fb150390a1880574c3fbc 879444 python optional python3-django_1.6.6-1_all.deb c703572fdb61d3fb03e171c65d46bdcb 1364314 python optional python-django-common_1.6.6-1_all.deb d934ecf1f0001905b219c9909c62e125 1900964 doc optional python-django-doc_1.6.6-1_all.deb e11dc2085e0021b9d4b649bb7fa328ad 2409 python optional python-django_1.6.6-1.dsc d14fd332f31799fff39acc0c79e8421c 6645456 python optional python-django_1.6.6.orig.tar.gz 352782320a244ad979c55c393b2bc4a5 19480 python optional python-django_1.6.6-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJT9VzjAAoJEJcyXdj5/dUG2H0P/jAW50hi19VO70OkdbnAbP6K mWG/U0OzpFULOBQsHMrWWgckSJ5kmDVLjee5o6DALOJp113dbsORJZmXQJ5xGZ7g doMBkUn20gr6iJ6mJCqAX3pRznGnEP3TEIEqY0+YoC9/PnKN6cXp436aMB4vN6w2 QGuFYiMlYwtJDWlymTJUrg5xNJ5M5jMDu+k4p7r7OHCaYvrj74zmWG0zlbTdBKI6 68Nc2pQ9fveTCM5IPQyOXiMYiwR5WA3QkActyVW4HsjQrUz1RSqg+O0bnRZPnx5L ugYW+FLzKkJo3JIntCOlay+2OUAtrdpxv9ZJnfe2xolYAiJCyvra+976biz6rM5A C9y5u/YJvb6MXkB+Akhe6pLbJCASF55cGubjBISWSMCeeDCMfRGq3GINIkSPdZZL JVlwcKqCdmhJm+DoXaazb71C3t+I393+aKCvfTtxErG1E1FEyjHuIjtKlnNaaKFX czIVz+6DAdU3HXkr0Hyr1C4HgDFKDLqdcGOhWcU2sIqRd6ua+upn1JO+c4XJgfwW N/haab7ve0gdLREo3KRTJVe4OGwx8pvRYmHRVwoY6csHqV2K2OkEUgKfj/E3xKIt LQhJWdOUqjLQKah+kjx8QjIMDkjZepo7meoyZPw+DGU2WdVNnlX+KfBNxGC4jx5w c63xdkFdnEObCosw1Etg =HAXQ -----END PGP SIGNATURE-----