-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 16 Jul 2015 14:47:32 +0200 Source: python-django Binary: python-django python-django-doc Architecture: source all Version: 1.2.3-3+squeeze13 Distribution: squeeze-lts Urgency: medium Maintainer: Chris Lamb <lamby@debian.org> Changed-By: Raphaël Hertzog <hertzog@debian.org> Description: python-django - High-level Python web development framework python-django-doc - High-level Python web development framework (documentation) Changes: python-django (1.2.3-3+squeeze13) squeeze-lts; urgency=medium . * Backport multiple security fixes released in 1.4 branch: https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ - Possible XSS attack via user-supplied redirect URLs (CVE-2015-2317) https://www.djangoproject.com/weblog/2015/jul/08/security-releases/ - Denial-of-service possibility by filling session store (CVE-2015-5143) - Header injection possibility since validators accept newlines in input (CVE-2015-5144) Checksums-Sha1: 717eddadf0d9acbbe1906d9570782e592b616a85 1891 python-django_1.2.3-3+squeeze13.dsc 780534a241935d94a16a79ba6c745f2afb63e974 74674 python-django_1.2.3-3+squeeze13.debian.tar.gz 9715fe084612d4d9428c54527c3f198216eac073 4220408 python-django_1.2.3-3+squeeze13_all.deb d2737c5f6b16576fbb688f0797854f2c8956d6c7 1898888 python-django-doc_1.2.3-3+squeeze13_all.deb Checksums-Sha256: eef8a88904bca73126896c5c658f4f16bfeb870d5d4dda85aa74405bc3eb11cc 1891 python-django_1.2.3-3+squeeze13.dsc 5d9e8dff392e3f80d87b45547813262e0b2b65063e585d5c0bfad1ac0981063c 74674 python-django_1.2.3-3+squeeze13.debian.tar.gz 12cef7a08ea78f3697b787c060b7e4398d23a5c349fde9dd891e757d37462bbe 4220408 python-django_1.2.3-3+squeeze13_all.deb 960620110d419d5dfc46de02d2a17b9b7fd149cec93a7675bf11ad0aae73d91d 1898888 python-django-doc_1.2.3-3+squeeze13_all.deb Files: 920d1105940f999c171905e1392eb20f 1891 python optional python-django_1.2.3-3+squeeze13.dsc dc12882595babf80bd6d1c21dac44d1e 74674 python optional python-django_1.2.3-3+squeeze13.debian.tar.gz 5d11f2c06b1f1d0a91fd17cd2b640a72 4220408 python optional python-django_1.2.3-3+squeeze13_all.deb 7b1657d30b9085a3e4f66eec2423ce66 1898888 doc optional python-django-doc_1.2.3-3+squeeze13_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Signed by Raphael Hertzog iQEcBAEBCAAGBQJVp6sSAAoJEAOIHavrwpq5oeUH/iSJ3h4lxQLEcQEtE/Sn6rHw UTGChnFcwqcdnlVj/CgqD+h6PX1nHdb+6vWrZcB3+C5LTP2UQH5GaGqapIfvka6t iuTCzT1Ja16YwRlfqAIOTRJsKileduZWqcoTYiE6MnsKW6VypiUlqGE2B7rkZCTU jPzcYJwrEM5ckgim/4xErOuTD0lw9euYhcE0vUwd42kpWyuIG+IMCFFjYCPiBmgY 2Rz/fbi3CTUZiyf6PNu/qFtkMaW4kLhr1KDtg0RyiW9YutaAO7BNAtEzhknB+2EW xGnI3ocUHk3B22+d84+obP1tsF6bfB/cjpH63CNF3s1wXoteXXormA9YDOSWDs4= =yHR+ -----END PGP SIGNATURE-----