[Python-modules-commits] [python-django] 03/03: New upstream security and bugfix release

[Raphaël Hertzog]

This is an automated email from the git hooks/post-receive script.

hertzog pushed a commit to branch debian/sid
in repository python-django.

commit 6ba93dcd9c8aaad285753c8d890603f212832728
Author: Raphaël Hertzog <hertzog at debian.org>
Date:   Mon Mar 23 20:52:05 2015 +0100

    New upstream security and bugfix release
    
    https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
    
    It fixes:
    - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs
      Closes: #780873
    - CVE-2015-2316: Denial-of-service possibility with strip_tags()
      Closes: #780874
---
 debian/changelog | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index ae46600..39822bc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,15 @@
+python-django (1.7.7-1) unstable; urgency=high
+
+  * New upstream security and bugfix release:
+    https://www.djangoproject.com/weblog/2015/mar/18/security-releases/
+    It fixes:
+    - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs
+      Closes: #780873
+    - CVE-2015-2316: Denial-of-service possibility with strip_tags()
+      Closes: #780874
+
+ -- Raphaël Hertzog <hertzog at debian.org>  Mon, 23 Mar 2015 20:41:13 +0100
+
 python-django (1.7.6-1) unstable; urgency=high
 
   * New upstream security release:

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git