[Python-modules-commits] [python-django] 03/03: releasing package python-django version 1.6.6-1

[Luke Faraone]

This is an automated email from the git hooks/post-receive script.

lfaraone pushed a commit to branch master
in repository python-django.

commit 18d13a07460124e3d2f4d24d539a8f90bf66246c
Author: Luke Faraone <luke at faraone.cc>
Date:   Wed Aug 20 19:31:38 2014 -0700

    releasing package python-django version 1.6.6-1
---
 debian/changelog | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index e38b3bb..d458dd4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,10 @@
-python-django (1.6.5-4) UNRELEASED; urgency=medium
+python-django (1.6.6-1) unstable; urgency=high
+
+  * New upstream security release.
+    - reverse() can generate URLs pointing to other hosts (CVE-2014-0480)
+    - file upload denial of service (CVE-2014-0481)
+    - RemoteUserMiddleware session hijacking (CVE-2014-0482)
+    - data leakage via querystring manipulation in admin (CVE-2014-0483)
 
   [ Brian May ]
   * Don't output stuff to stdout in django-admin. Closes: #757145
@@ -6,7 +12,7 @@ python-django (1.6.5-4) UNRELEASED; urgency=medium
   [ Raphaël Hertzog ]
   * Update Vcs-* fields since the packaging repository moved to git.
 
- -- Raphaël Hertzog <hertzog at debian.org>  Fri, 08 Aug 2014 13:53:27 +0200
+ -- Luke Faraone <lfaraone at debian.org>  Wed, 20 Aug 2014 19:30:21 -0700
 
 python-django (1.6.5-3) unstable; urgency=low
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git