[Python-modules-commits] [python-django] branch debian/jessie updated (d838866 -> 4eee5af)
Luke Faraone
lfaraone at moszumanska.debian.org
Thu Jul 21 02:34:39 UTC 2016
This is an automated email from the git hooks/post-receive script.
lfaraone pushed a change to branch debian/jessie
in repository python-django.
from d838866 git-dpm config
new e060f68 Disable creation of _sources directory by Sphinx
new cfa3b0d Update manual page to refer to django-admin instead of django-admin.py
new 1dc4e2c Use Debian GeoIP database path as default
new d8c9fc0 newlines-1.7.x.diff
new 94fe77a session-1.7.x.diff
new 24a5915 session-store-1.7.x.diff
new addba51 Import python-django_1.7.7-1%2Bdeb8u2.dsc
new 62a137b Import python-django 1.7.7-1+deb8u2
new 9862883 date-leak-1.7.diff
new 5d3cf37 Import python-django_1.7.7-1%2Bdeb8u3.dsc
new f820494 Import python-django 1.7.7-1+deb8u3
new c58b975 CVE-2016-2512: Prevented spoofing is_safe_url() with basic auth
new 326852b is_safe_url() crashes with a byestring URL on Python 2
new a471ae7 CVE-2016-2513: Fixed user enumeration timing attack during login
new 26465e7 Import python-django_1.7.7-1%2Bdeb8u4.dsc
new 5285f0d Import python-django 1.7.7-1+deb8u4
new eda2ca8 CVE-2016-6186: Fixed XSS in admin's add/change related popup.
new cf9ccf6 Import python-django_1.7.7-1%2Bdeb8u5.dsc
new 4eee5af Import python-django 1.7.7-1+deb8u5
The 19 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/.git-dpm | 4 +-
debian/changelog | 35 ++
debian/control | 1 +
.../patches/02_disable-sources-in-sphinxdoc.diff | 16 +-
debian/patches/03_manpage.diff | 15 +-
.../06_use_debian_geoip_database_as_default.diff | 21 +-
debian/patches/CVE-2016-2512-regression.diff | 50 +++
debian/patches/CVE-2016-2512.diff | 61 ++++
debian/patches/CVE-2016-2513.diff | 387 +++++++++++++++++++++
debian/patches/CVE-2016-6186.diff | 65 ++++
debian/patches/date-leak-1.7.diff | 56 +++
debian/patches/newlines-1.7.x.diff | 35 +-
debian/patches/series | 6 +
debian/patches/session-1.7.x.diff | 60 ++--
debian/patches/session-store-1.7.x.diff | 246 +++++++++++++
django/contrib/auth/hashers.py | 77 ++--
django/contrib/auth/tests/test_hashers.py | 60 ++++
django/contrib/sessions/backends/base.py | 9 +-
django/contrib/sessions/backends/cached_db.py | 2 +-
django/contrib/sessions/middleware.py | 50 +--
django/contrib/sessions/tests.py | 70 ++++
django/utils/formats.py | 20 ++
django/utils/http.py | 13 +-
django/views/debug.py | 4 +-
docs/topics/auth/passwords.txt | 113 ++++++
docs/topics/http/sessions.txt | 14 +-
tests/admin_views/admin.py | 3 +-
tests/admin_views/models.py | 4 +
tests/i18n/tests.py | 3 +
tests/utils_tests/test_http.py | 25 ++
30 files changed, 1372 insertions(+), 153 deletions(-)
create mode 100644 debian/patches/CVE-2016-2512-regression.diff
create mode 100644 debian/patches/CVE-2016-2512.diff
create mode 100644 debian/patches/CVE-2016-2513.diff
create mode 100644 debian/patches/CVE-2016-6186.diff
create mode 100644 debian/patches/date-leak-1.7.diff
create mode 100644 debian/patches/session-store-1.7.x.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git
More information about the Python-modules-commits
mailing list