[Python-modules-commits] [python-django] branch debian/jessie-updates updated (fbf92fb -> 7235b53)
Raphaël Hertzog
hertzog at moszumanska.debian.org
Mon Jul 25 07:57:01 UTC 2016
This is an automated email from the git hooks/post-receive script.
hertzog pushed a change to branch debian/jessie-updates
in repository python-django.
from fbf92fb Add links to release notes
adds e060f68 Disable creation of _sources directory by Sphinx
adds cfa3b0d Update manual page to refer to django-admin instead of django-admin.py
adds 1dc4e2c Use Debian GeoIP database path as default
adds d8c9fc0 newlines-1.7.x.diff
adds 94fe77a session-1.7.x.diff
adds 24a5915 session-store-1.7.x.diff
adds addba51 Import python-django_1.7.7-1%2Bdeb8u2.dsc
adds 62a137b Import python-django 1.7.7-1+deb8u2
adds 9862883 date-leak-1.7.diff
adds 5d3cf37 Import python-django_1.7.7-1%2Bdeb8u3.dsc
adds f820494 Import python-django 1.7.7-1+deb8u3
adds c58b975 CVE-2016-2512: Prevented spoofing is_safe_url() with basic auth
adds 326852b is_safe_url() crashes with a byestring URL on Python 2
adds a471ae7 CVE-2016-2513: Fixed user enumeration timing attack during login
adds 26465e7 Import python-django_1.7.7-1%2Bdeb8u4.dsc
adds 5285f0d Import python-django 1.7.7-1+deb8u4
adds eda2ca8 CVE-2016-6186: Fixed XSS in admin's add/change related popup.
adds cf9ccf6 Import python-django_1.7.7-1%2Bdeb8u5.dsc
adds 4eee5af Import python-django 1.7.7-1+deb8u5
new a6c7a94 Merge branch 'debian/jessie' into debian/jessie-updates
new c994e4a Disable creation of _sources directory by Sphinx
new 7c0f2ff Update manual page to refer to django-admin instead of django-admin.py
new e06be82 Use Debian GeoIP database path as default
new ce819b2 CVE-2016-2512: Prevented spoofing is_safe_url() with basic auth
new 41e37f8 is_safe_url() crashes with a byestring URL on Python 2
new 22de96c CVE-2016-2513: Fixed user enumeration timing attack during login
new 39cf1a3 CVE-2016-6186: Fixed XSS in admin's add/change related popup.
new def4d87 merge debian/patched-jessie-updates into debian/jessie-updates
new 7235b53 Prepare for release
The 10 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Summary of changes:
debian/.git-dpm | 4 +-
debian/changelog | 37 +-
debian/control | 1 +
...creation-of-_sources-directory-by-Sphinx.patch} | 6 +-
...l-page-to-refer-to-django-admin-instead-.patch} | 6 +-
...se-Debian-GeoIP-database-path-as-default.patch} | 6 +-
...12-Prevented-spoofing-is_safe_url-with-ba.patch | 67 ++++
...-crashes-with-a-byestring-URL-on-Python-2.patch | 61 ++++
...13-Fixed-user-enumeration-timing-attack-d.patch | 395 +++++++++++++++++++++
...86-Fixed-XSS-in-admin-s-add-change-relate.patch | 72 ++++
debian/patches/series | 10 +-
django/contrib/auth/hashers.py | 77 ++--
django/contrib/auth/tests/test_hashers.py | 60 ++++
django/utils/http.py | 13 +-
django/views/debug.py | 4 +-
docs/topics/auth/passwords.txt | 113 ++++++
tests/admin_views/admin.py | 3 +-
tests/admin_views/models.py | 4 +
tests/utils_tests/test_http.py | 25 ++
19 files changed, 921 insertions(+), 43 deletions(-)
rename debian/patches/{02_disable-sources-in-sphinxdoc.diff => 0001-Disable-creation-of-_sources-directory-by-Sphinx.patch} (85%)
rename debian/patches/{03_manpage.diff => 0002-Update-manual-page-to-refer-to-django-admin-instead-.patch} (87%)
rename debian/patches/{06_use_debian_geoip_database_as_default.diff => 0003-Use-Debian-GeoIP-database-path-as-default.patch} (95%)
create mode 100644 debian/patches/0004-CVE-2016-2512-Prevented-spoofing-is_safe_url-with-ba.patch
create mode 100644 debian/patches/0005-is_safe_url-crashes-with-a-byestring-URL-on-Python-2.patch
create mode 100644 debian/patches/0006-CVE-2016-2513-Fixed-user-enumeration-timing-attack-d.patch
create mode 100644 debian/patches/0007-CVE-2016-6186-Fixed-XSS-in-admin-s-add-change-relate.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-django.git
More information about the Python-modules-commits
mailing list