[Python-modules-commits] [python-django] 03/04: Fix some backported patches
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Jul 16 13:01:53 UTC 2015
This is an automated email from the git hooks/post-receive script.
hertzog pushed a commit to branch debian/squeeze
in repository python-django.
commit f7c4e896cff65dd4999a34f5d909a01505b647a9
Author: Raphaël Hertzog <hertzog at debian.org>
Date: Wed Jul 15 18:47:28 2015 +0200
Fix some backported patches
self.session_key is a property that generates a random key automatically
when not set, we must use the underlying variable.
---
debian/patches/CVE-2015-5143.patch | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/debian/patches/CVE-2015-5143.patch b/debian/patches/CVE-2015-5143.patch
index b37114d..f9a0f3a 100644
--- a/debian/patches/CVE-2015-5143.patch
+++ b/debian/patches/CVE-2015-5143.patch
@@ -32,7 +32,7 @@ This is a security fix; disclosure to follow shortly.
raise RuntimeError("Unable to create a new session key.")
def save(self, must_create=False):
-+ if self.session_key is None:
++ if self._session_key is None:
+ return self.create()
if must_create:
func = self._cache.add
@@ -54,8 +54,8 @@ This is a security fix; disclosure to follow shortly.
data = super(SessionStore, self).load()
- cache.set(KEY_PREFIX + self.session_key, data,
- settings.SESSION_COOKIE_AGE)
-+ if self.session_key:
-+ cache.set(KEY_PREFIX + self.session_key, data,
++ if self._session_key:
++ cache.set(KEY_PREFIX + self._session_key, data,
+ settings.SESSION_COOKIE_AGE)
return data
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git
More information about the Python-modules-commits
mailing list