[Python-modules-commits] r23555 - in packages/python-django/trunk/debian (changelog)
hertzog at users.alioth.debian.org
hertzog at users.alioth.debian.org
Sat Feb 23 09:07:03 UTC 2013
Date: Saturday, February 23, 2013 @ 09:07:00
Author: hertzog
Revision: 23555
* New upstream security and maintenance release. Closes: #701186
https://www.djangoproject.com/weblog/2013/feb/19/security/
Fixes mulptiple security issues:
- Further fixes for Host header poisoning. CVE-2012-4520
- XML attacks via entity expansion. CVE-2013-1665
- Data leakage via admin history log. CVE-2013-0305
- Formset denial-of-service. CVE-2013-0306
Modified:
packages/python-django/trunk/debian/changelog
Modified: packages/python-django/trunk/debian/changelog
===================================================================
--- packages/python-django/trunk/debian/changelog 2013-02-22 23:33:36 UTC (rev 23554)
+++ packages/python-django/trunk/debian/changelog 2013-02-23 09:07:00 UTC (rev 23555)
@@ -1,9 +1,16 @@
-python-django (1.4.3-2) UNRELEASED; urgency=low
+python-django (1.4.4-1) unstable; urgency=low
+ * New upstream security and maintenance release. Closes: #701186
+ https://www.djangoproject.com/weblog/2013/feb/19/security/
+ Fixes mulptiple security issues:
+ - Further fixes for Host header poisoning. CVE-2012-4520
+ - XML attacks via entity expansion. CVE-2013-1665
+ - Data leakage via admin history log. CVE-2013-0305
+ - Formset denial-of-service. CVE-2013-0306
* Add gettext to Suggests since it's required for django-admin
compilemessages / makemessages. Closes: #700483
- -- Raphaël Hertzog <hertzog at debian.org> Wed, 13 Feb 2013 11:59:14 +0100
+ -- Raphaël Hertzog <hertzog at debian.org> Sat, 23 Feb 2013 09:33:13 +0100
python-django (1.4.3-1) unstable; urgency=high
More information about the Python-modules-commits
mailing list