-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 23 Apr 2017 20:52:55 +0000 Source: python-django Binary: python-django python3-django python-django-common python-django-doc Architecture: source all Version: 1.7.11-1+deb8u2 Distribution: stable Urgency: high Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org> Changed-By: Luke W Faraone <lfaraone@debian.org> Description: python-django - High-level Python web development framework (Python 2 version) python-django-common - High-level Python web development framework (common) python-django-doc - High-level Python web development framework (documentation) python3-django - High-level Python web development framework (Python 3 version) Closes: 842856 859515 859516 Changes: python-django (1.7.11-1+deb8u2) jessie-security; urgency=high . * SECURITY UPDATE: - CVE-2016-9013: User with hardcoded password created when running tests on Oracle - CVE-2016-9014: DNS rebinding vulnerability when DEBUG=True (Closes: #842856) - CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs (Closes: #859515) - CVE-2017-7234: Open redirect vulnerability in django.views.static.serve() (Closes: #859516) Checksums-Sha1: 284789efbe64cd5c85da22ca0a8442c664f21958 2713 python-django_1.7.11-1+deb8u2.dsc 5dfa550c5fd4a666371e63056f9b8b4e1688c28a 35356 python-django_1.7.11-1+deb8u2.debian.tar.xz 2da960925b1ea9c513ed151dd9465e85b6b7517c 994342 python-django_1.7.11-1+deb8u2_all.deb 09c35a9948a584808213c0623272360fe4062aca 978076 python3-django_1.7.11-1+deb8u2_all.deb 15a96f0657c0bdf04d1b9437fae384df729bf42d 1503460 python-django-common_1.7.11-1+deb8u2_all.deb 731d1528e7975ebfe3a200fa4609be03b8496eb6 2493184 python-django-doc_1.7.11-1+deb8u2_all.deb Checksums-Sha256: d238c7ab55ade686db92c64dcd01cf5241a5705f5262552ec9e9a4a41028296a 2713 python-django_1.7.11-1+deb8u2.dsc f39cf99d63fc94ccb1eeca51505785ee3d85c8ff376225036e9c08929d4ba521 35356 python-django_1.7.11-1+deb8u2.debian.tar.xz 52ae8d17cc99b175d77292ee449377f7139519fa85e588605ea264aae2d04f20 994342 python-django_1.7.11-1+deb8u2_all.deb f96e381d52a974fb476904a53ce0ad7c35b952bb505c4c6316271a5e894e975d 978076 python3-django_1.7.11-1+deb8u2_all.deb 09db2448b7a0413b18ae737d23d9d9abe856d748ce7c73d1591649e084785b66 1503460 python-django-common_1.7.11-1+deb8u2_all.deb 765e13af0467296c28356a94c9f30838e5ca3565c42b2495f3d89ac4a2c2b1a3 2493184 python-django-doc_1.7.11-1+deb8u2_all.deb Files: c1e975d0dd687959fb35b7efa27d0902 2713 python optional python-django_1.7.11-1+deb8u2.dsc 7fec8261ab9b449073c389142e524497 35356 python optional python-django_1.7.11-1+deb8u2.debian.tar.xz e0007128e55e4da01e66db324dd3ebab 994342 python optional python-django_1.7.11-1+deb8u2_all.deb 33540a04897acce631852c3b759c44c7 978076 python optional python3-django_1.7.11-1+deb8u2_all.deb 75a2f62e80f61e331daf42675bbb7998 1503460 python optional python-django-common_1.7.11-1+deb8u2_all.deb 6b2245d7c89250de5256966e15814a81 2493184 doc optional python-django-doc_1.7.11-1+deb8u2_all.deb -----BEGIN PGP SIGNATURE----- iQItBAEBCAAXBQJY/TU4EBxsdWtlQGZhcmFvbmUuY2MACgkQ2Ov4wRG5tSCkrhAA ilI9+NIuP2Zr1tiOYnKoGLx0n+RpGAHzWshXV38XciTftN3sHHKeaAA9rhXYd0+3 JK7dYAtYl/uIMmtYkQsNg41GS0fEnRO486rLaip+thB8Pq+M0UTLXnWugQuTtNSP /5+v5gA7vOBdgCkEqE77HnbsFqnJna/jNZswk5W3UOqSPAKESrwpYS9XZT0eSzcP T8o9Cfwwu5xATaGM0YS0B9RsrGVh+5s+1uNQf1PBzcR/wi7d45FN+INevtSDePe1 1V6LmDkOLqH9R76ifVr3ZmJqp110lwz4Ki27+8K2lT4/w2LB473TjD1m+OTboI6i AVKMBS0Oq9KMyCvy5Vf1JTA9BBcFNZdO6fjwLUHPQhhJsIa8Li/mj5lSBwer6pzR mi7zl7oZ8XujMMVx/ls5+6EuFNKYdN5uJDuYpwcl2r0vHskpYTwaJ7PoezSSj9DY nrcMuKvGv3jDzUWwVeHa5eVLGe4M8V/aG5qG2G6EET/uOGLJHob8KPEp5gD4tpjg BgsS17V9ti7/tGvz0f6bIvwS0jge6+6vMM43OEiMRrOD8eXs1y+gpuEFIdwAMkht IF05yRRoUB/k2fVVXY06OFLlHW1hy1eq2HGUrVcslxQ7bw2IF+KqGKG+srcr4FKm y9gAFO63KVMY9md7ibBsdQVbwpXa0NyjKjRcBNO2Wjc= =5h1u -----END PGP SIGNATURE-----