python-django 1.1.1-2ubuntu1.2 source package in Ubuntu
Changelog
python-django (1.1.1-2ubuntu1.2) lucid-security; urgency=low
* SECURITY UPDATE: information leak in admin interface
- debian/patches/08_security_admin_infoleak.diff: validate querystring
lookup arguments either specify only fields on the model being viewed,
or cross relations which have been explicitly whitelisted.
- CVE-2010-4534
* SECURITY UPDATE:
- debian/patches/09_security_pasword_reset_dos.diff: adjust
base36_to_int() function in django.utils.http will now validate the
length of its input; on input longer than 13 digits (sufficient to
base36-encode any 64-bit integer), it will now raise ValueError.
Additionally, the default URL patterns for django.contrib.auth will now
enforce a maximum length on the relevant parameters.
- CVE-2010-4535
-- Jamie Strandboge <email address hidden> Mon, 03 Jan 2011 11:31:57 -0600
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Lucid
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-django_1.1.1.orig.tar.gz | 5.4 MiB | d65b18319496fc4923b37fdb736e5ba1a90a3a18e2d7eaac7f3ad30738d1f6e4 |
| python-django_1.1.1-2ubuntu1.2.diff.gz | 42.8 KiB | 9a6f1ca1262165dce6217a3326e9fe45d606d771d20bd97e75cfe8f6e0a17119 |
| python-django_1.1.1-2ubuntu1.2.dsc | 2.2 KiB | 38c774e1e388d8fc003589e9f4072cc1f5655a25ee6138068f0ee88d715accd8 |
Available diffs
Binary packages built by this source
- python-django: No summary available for python-django in ubuntu lucid.
No description available for python-django in ubuntu lucid.
- python-django-doc: No summary available for python-django-doc in ubuntu lucid.
No description available for python-django-doc in ubuntu lucid.
