[Python-modules-commits] [python-django] 03/03: New upstream security release
Raphaël Hertzog
hertzog at moszumanska.debian.org
Wed Jul 8 23:58:20 UTC 2015
This is an automated email from the git hooks/post-receive script.
hertzog pushed a commit to branch debian/experimental
in repository python-django.
commit e9c3c06b96d23a50afa33d813f3deccb20703bd8
Author: Raphaël Hertzog <hertzog at debian.org>
Date: Thu Jul 9 01:56:57 2015 +0200
New upstream security release
https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
It fixes:
- CVE-2015-5143: possible denial-of-service by filling session store
- CVE-2015-5144: possible header injection since validators accept
newlines in input
- CVE-2015-5145: possible denial-of-service in URL validation
---
debian/changelog | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 4281db3..a203622 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+python-django (1.8.3-1) experimental; urgency=medium
+
+ * New upstream security release:
+ https://www.djangoproject.com/weblog/2015/jul/08/security-releases/
+ It fixes:
+ - CVE-2015-5143: possible denial-of-service by filling session store
+ - CVE-2015-5144: possible header injection since validators accept
+ newlines in input
+ - CVE-2015-5145: possible denial-of-service in URL validation
+
+ -- Raphaël Hertzog <hertzog at debian.org> Thu, 09 Jul 2015 01:53:02 +0200
+
python-django (1.8.2-1) experimental; urgency=medium
* New upstream security release:
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git
More information about the Python-modules-commits
mailing list