[Python-modules-commits] [python-django] 07/07: New upstream security release fixing CVE-2016-2048
Raphaël Hertzog
hertzog at moszumanska.debian.org
Tue Feb 2 08:40:58 UTC 2016
This is an automated email from the git hooks/post-receive script.
hertzog pushed a commit to branch debian/master
in repository python-django.
commit a4f8f8fad6c727ffab8b2acfe57733338e1a5df3
Author: Raphaël Hertzog <hertzog at debian.org>
Date: Tue Feb 2 09:08:23 2016 +0100
New upstream security release fixing CVE-2016-2048
User with "change" but not "add" permission can create objects for
ModelAdmin objects with save_as=True
---
debian/changelog | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 285bd99..b0930e9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+python-django (1.9.2-1) unstable; urgency=medium
+
+ * New upstream security release fixing:
+ - CVE-2016-2048: User with "change" but not "add" permission can create
+ objects for ModelAdmin objects with save_as=True
+
+ -- Raphaël Hertzog <hertzog at debian.org> Tue, 02 Feb 2016 09:06:46 +0100
+
python-django (1.9.1-1) unstable; urgency=medium
* New upstream release.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git
More information about the Python-modules-commits
mailing list