python-django 1.2.3-1ubuntu0.2.11.04.1 source package in Ubuntu
Changelog
python-django (1.2.3-1ubuntu0.2.11.04.1) natty; urgency=low
* SECURITY UPDATE: information leak in admin interface
- debian/patches/07_security_admin_infoleak.diff: validate querystring
lookup arguments either specify only fields on the model being viewed,
or cross relations which have been explicitly whitelisted.
- CVE-2010-XXXX
* SECURITY UPDATE:
- debian/patches/08_security_pasword_reset_dos.diff: adjust
base36_to_int() function in django.utils.http will now validate the
length of its input; on input longer than 13 digits (sufficient to
base36-encode any 64-bit integer), it will now raise ValueError.
Additionally, the default URL patterns for django.contrib.auth will now
enforce a maximum length on the relevant parameters.
- CVE-2010-XXXX
-- Jamie Strandboge <email address hidden> Mon, 03 Jan 2011 10:12:39 -0600
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Natty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_1.2.3.orig.tar.gz | 6.0 MiB | cb830f6038b78037647150d977f6cd5cf2bfd731f1788ecf8758a03c213a0f84 |
| python-django_1.2.3-1ubuntu0.2.11.04.1.debian.tar.gz | 21.2 KiB | 336fc9693d403e936d8cc113734dc7f19d4971ccce3b10e67a8c13f04a84c099 |
| python-django_1.2.3-1ubuntu0.2.11.04.1.dsc | 2.2 KiB | 2d318b66a8db73905941a592b360c1a2fc034fe2827f5ec5a322278c5b011d5a |
Available diffs
Binary packages built by this source
- python-django: No summary available for python-django in ubuntu natty.
No description available for python-django in ubuntu natty.
- python-django-doc: No summary available for python-django-doc in ubuntu natty.
No description available for python-django-doc in ubuntu natty.
