-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 23 Mar 2015 20:41:13 +0100 Source: python-django Binary: python-django python3-django python-django-common python-django-doc Architecture: source all Version: 1.7.7-1 Distribution: unstable Urgency: high Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: python-django - High-level Python web development framework (Python 2 version) python-django-common - High-level Python web development framework (common) python-django-doc - High-level Python web development framework (documentation) python3-django - High-level Python web development framework (Python 3 version) Closes: 780873 780874 Changes: python-django (1.7.7-1) unstable; urgency=high . * New upstream security and bugfix release: https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ It fixes: - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs Closes: #780873 - CVE-2015-2316: Denial-of-service possibility with strip_tags() Closes: #780874 Checksums-Sha1: 72dc9c90ac92fbf6197b7d7d9e24c70efdadd9ef 2311 python-django_1.7.7-1.dsc 614cc9f8e1af6630c54300f6bdd88e7b783614c3 7603286 python-django_1.7.7.orig.tar.gz c38bc1489f5cecb0f91e05449dbc91fbc96c5c50 21708 python-django_1.7.7-1.debian.tar.xz 433314c88a5c70f72bd60d0511d974c54cb91da1 984522 python-django_1.7.7-1_all.deb c456939fad58b14c67cf5e46f97364205baa6a58 967680 python3-django_1.7.7-1_all.deb 20b2d250603564453357e3040593f0941fb991c3 1499436 python-django-common_1.7.7-1_all.deb ae14434362f0ee1737468d87806afc18c79f02f9 2483758 python-django-doc_1.7.7-1_all.deb Checksums-Sha256: 3dfa5c4b949073de775ebd68fa9bbfd622c96442134f9070c8a64fe3574dbdc2 2311 python-django_1.7.7-1.dsc 4816f892063569ca9a77584fa23cb4995c1b3b954ef875102a8219229cbd2e33 7603286 python-django_1.7.7.orig.tar.gz 54d56fbaf3b4c93a59e44098c58e6362f45f55f0b3e2592a1288b9b699c067e9 21708 python-django_1.7.7-1.debian.tar.xz 3408c356d04bbce78cac168d7cff9147d1e19de240f96d1284a5c5169efe6ae7 984522 python-django_1.7.7-1_all.deb 4eb47b82b0b2ca7428008dbecf41a25e4521f5960a6ce9c0e4661cc97dc2c35d 967680 python3-django_1.7.7-1_all.deb 93db9200787e66fae474958a7467efa5afe6934b6cd99afcd2c680278f6bee2f 1499436 python-django-common_1.7.7-1_all.deb 2488226be2f66eb80ba8d14d90900e1b3864f792e9d85a91c5ddd66c84acdf27 2483758 python-django-doc_1.7.7-1_all.deb Files: 05a83cb25409f8a3a84418d99709eff7 2311 python optional python-django_1.7.7-1.dsc a62d6598966947d150525ad2ab20fb0c 7603286 python optional python-django_1.7.7.orig.tar.gz 4fba1c456ba33d6a2cfc9a58c5520cb1 21708 python optional python-django_1.7.7-1.debian.tar.xz bed9b0aa1c8d6f72ac46af0253ad00b4 984522 python optional python-django_1.7.7-1_all.deb d33575e1a3cbf8549a4b997344cde7c8 967680 python optional python3-django_1.7.7-1_all.deb f543e667daeada7c10fb7ea81ab307c2 1499436 python optional python-django-common_1.7.7-1_all.deb dfac201febad15cce300877d61f395f4 2483758 doc optional python-django-doc_1.7.7-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Signed by Raphael Hertzog iQEcBAEBCAAGBQJVEHQRAAoJEAOIHavrwpq5+e8H/ib2BJO6n5NnjGIK9spH/5Gs iS7fSaaLFNFCqOxzJ/7OCFz3SVNZ3YC9LirJiYZxHNp/JR7GR2FiDWd8yg57bUaT pn8s8SBf4tzMUXk29RmecoyL1mrWUVqozhLiPAVZe/Rt5nxHCCSW5e18ORRFT3A0 jaqEjadH3Dk+gzUzurgokU3tQ/5EdF7VmrnojKG+eItIYifZ/49Uvb+U7iGx9yZY DUw0Lsj8VqlDtfHX+OQAoM8jOKZBlX7vR8Fwb07IpUC091AO9okUlra1zW2odw6X 3B2gT1M3Xt/kFmrXIW+BxPEErzbxKOTPxkhqCbFJBWa1EkGZmzHbE+3LpWmGvrI= =Xbud -----END PGP SIGNATURE-----