-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 29 Sep 2014 07:52:17 +0000 Source: python-django Binary: python-django python-django-doc Architecture: source all Version: 1.2.3-3+squeeze11 Distribution: squeeze-lts Urgency: low Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: python-django - High-level Python web development framework python-django-doc - High-level Python web development framework (documentation) Changes: python-django (1.2.3-3+squeeze11) squeeze-lts; urgency=low . * LTS security upload: https://www.djangoproject.com/weblog/2014/aug/20/security/ - CVE-2014-0480.patch: reverse() generating URLs pointing to other hosts - CVE-2014-0481.patch: file upload denial of service - CVE-2014-0482.patch: RemoteUserMiddleware session hijacking - CVE-2014-0483.patch: data leakage via querystring manipulation in admin * Add no-network-access-on-builder.patch to disable regression tests using the network. * Add get-random-string-backport.patch to backport get_random_string() needed by CVE-2014-0481.patch. Checksums-Sha1: 97c24395f5a202ebc0a9aef8e7d87ece3c878763 1891 python-django_1.2.3-3+squeeze11.dsc f8a84de6693e0b1c09b7335c000d2518cd320391 61807 python-django_1.2.3-3+squeeze11.debian.tar.gz 49f994f3b45a129cb671fc76d96c1c6bd1a90ff5 4225180 python-django_1.2.3-3+squeeze11_all.deb 2c6ff95824baff48c6e82cc61e7bf0a569e1a3d8 1895974 python-django-doc_1.2.3-3+squeeze11_all.deb Checksums-Sha256: bf34e7062abe002704c64988ebb9d5bc495b632a8d42f0d34ab1b00d8fe62def 1891 python-django_1.2.3-3+squeeze11.dsc f1ebba9e620314625903846fcb4ca02f4ddcc40926f9b3351e63ffa3c1d8767b 61807 python-django_1.2.3-3+squeeze11.debian.tar.gz a4b6fdd7d9cd635dc7eeeda1dff4d384cf5a53e3d630574736474883f8141874 4225180 python-django_1.2.3-3+squeeze11_all.deb a014675086741204c924a105343811a086cbbc4461bd38a528fb8964c810d335 1895974 python-django-doc_1.2.3-3+squeeze11_all.deb Files: 8ee832c10d926561df28c05bcfff3089 1891 python optional python-django_1.2.3-3+squeeze11.dsc 5a368dff26d5f893eabb73135d49acf5 61807 python optional python-django_1.2.3-3+squeeze11.debian.tar.gz 04a66f2c44d3c48e29b537a755e8437b 4225180 python optional python-django_1.2.3-3+squeeze11_all.deb 82558379e772d98efa6a763b6616a726 1895974 doc optional python-django-doc_1.2.3-3+squeeze11_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Signed by Raphael Hertzog iQEcBAEBCAAGBQJUKRS6AAoJEAOIHavrwpq5iUEIALF8bSLGU7D1b+eQMNBnyvJt iPkXLXpms9euREZSCj59r3RDGocskwx9yQmN+YaCbP91F2YLAFTa6wJwAyiRPGX7 leOsmTQVqZun9+weM6c1FBRwmW7yPcyXzxWjBkIByNTeUh0mUaUqaiG6UGC1YtSG Gv8ftL1wq4X+wEXb8wst465VNHVGlRCun9HMyQLNoNbmvMLkoZi0DVAJ97hgrIuQ eUuAOBZtjitaFAeBwmIDOuXny6bFgnu5IsbvoiHfyqtrvD0OW41uYd6id08JIlm0 rz4WkZ/DyHodDfWiXw/IvIQhVKv3wV9+MnwyYtOz5S2qT3P7wLBWdOP02Krf2bM= =j06P -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-lts-changes-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: https://lists.debian.org/E1XYXE9-0004eH-JO@franck.debian.org