[Python-modules-team] python-django_1.10.7-2+deb9u2_amd64.changes ACCEPTED into proposed-updates->stable-new, proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Aug 9 06:35:27 BST 2018



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 03 Aug 2018 15:11:16 +0800
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source all
Version: 1:1.10.7-2+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby at debian.org>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Closes: 874415 905216
Changes:
 python-django (1:1.10.7-2+deb9u2) stretch-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * CVE-2018-14574: Fix an open redirect possibility in CommonMiddleware.
     If the django.middleware.common.CommonMiddleware and the APPEND_SLASH
     setting were both enabled, and if the project has a URL pattern that
     accepted any path ending in a slash then a request to a maliciously crafted
     URL of that site could lead to a redirect to another site, enabling
     phishing and other attacks. (Closes: #905216)
   * CVE-2017-12794: Fix a cross-site scripting attack in the technical HTTP 500
     page. This vulnerability did not affect production sites as they typically
     do not run with "DEBUG = True". (Closes: #874415)
Checksums-Sha1:
 d4d06dbb55c65852065648f3c52c3549b9dfb070 2804 python-django_1.10.7-2+deb9u2.dsc
 5edd13a642460c33cdaf8e8166eccf6b2a2555df 7737654 python-django_1.10.7.orig.tar.gz
 3199a75fd024170733fbf2e37594ac63e337c0ed 36080 python-django_1.10.7-2+deb9u2.debian.tar.xz
 b8ddf9e3b3f62f25cf37c6302b46af6b0d81a783 1513558 python-django-common_1.10.7-2+deb9u2_all.deb
 db77dfc3afd2f56d4651ed097b8b1e81c182602e 2532012 python-django-doc_1.10.7-2+deb9u2_all.deb
 2e23e245432e6542b46754a907ad5cd7e9c3cc8b 903406 python-django_1.10.7-2+deb9u2_all.deb
 d5b065462ec015c0880f0498531f28d09b65d491 9264 python-django_1.10.7-2+deb9u2_amd64.buildinfo
 1d44e145cb74b7b15b41078a61b1d928075648e6 885284 python3-django_1.10.7-2+deb9u2_all.deb
Checksums-Sha256:
 ebc070b0ac89ef5366033ed3a65d7186cb69e50439f141c3453a4e28339ef381 2804 python-django_1.10.7-2+deb9u2.dsc
 593d779dbc2350a245c4f76d26bdcad58a39895e87304fe6d725bbdf84b5b0b8 7737654 python-django_1.10.7.orig.tar.gz
 c6635a5f8952d2b955c7e3bcfe41035055ed2962992d5221d99d224d7e16886b 36080 python-django_1.10.7-2+deb9u2.debian.tar.xz
 39c5353d2b3340cf89003bf55b4dc7f8a2e286586d282fc4d8e583ed1ecbc969 1513558 python-django-common_1.10.7-2+deb9u2_all.deb
 f1675e269447784180af0ea000034237b7d38d1b1f5374332dcae597d010502a 2532012 python-django-doc_1.10.7-2+deb9u2_all.deb
 2340be6efff9397bb824dc01b58088aac847212e84c2d7a0cc01efdd062a83a5 903406 python-django_1.10.7-2+deb9u2_all.deb
 642f82f6d6afb6a6f5f1ba1d68275c1f999019ef5d000dadc0b93f2d2bd006e4 9264 python-django_1.10.7-2+deb9u2_amd64.buildinfo
 1574f3e292dff909d1e05418c7a38c4003bff69f28456a847cbeadd17eac5673 885284 python3-django_1.10.7-2+deb9u2_all.deb
Files:
 0deb756e1e4525802024155e7e57a34d 2804 python optional python-django_1.10.7-2+deb9u2.dsc
 693dfeabad62c561cb205900d32c2a98 7737654 python optional python-django_1.10.7.orig.tar.gz
 462ff484065d741dfc4ddd100a9d5c03 36080 python optional python-django_1.10.7-2+deb9u2.debian.tar.xz
 d9d238ed3a2ce33c7c4f7c864c95171f 1513558 python optional python-django-common_1.10.7-2+deb9u2_all.deb
 c50ec227e86bb8f1cb1d949a7844cd01 2532012 doc optional python-django-doc_1.10.7-2+deb9u2_all.deb
 402bf959aea2b8040235c452eb7f2f11 903406 python optional python-django_1.10.7-2+deb9u2_all.deb
 a25a3f79aa5c993570c6a9dff08550bb 9264 python optional python-django_1.10.7-2+deb9u2_amd64.buildinfo
 9ecd4027ae32bdc2e27340b76bf00331 885284 python optional python3-django_1.10.7-2+deb9u2_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAltkAygACgkQHpU+J9Qx
Hlj+VA/9FDN4ieSysnp8g/2cDQ2F7wyEk2ufI0CIvVCbPu/jigoi2HVMFYCcShcW
0B50Kjjhr8qkrI8qY7xaA3wBQ/fWlnEZK4/uuFi27rnauMeFNCA9jowpYsmgPatE
rhu99y4Ou91mJBm9r+gibH7K73o147DcwlePWKS7iYXpGGPOSrCfVnmLOEexcrn3
uFoxUcfVhhPr0RwoXaSe0tt4UwqhVblFQ1OnAFOgEJxhevh93MxpLoamsDBnnrAL
/1nFubKIIGweXcARXG8tQvE3fCUavmOYDOrHmRdNaK7z44qMoUYu6HUj+EIe5GTd
kfIpBzXU6Q6ynFMTsTMC4vSUSaVsgz0Jix4C05LG1wNRMVFrwEB02txfCsQ0fMEE
4iLA6puiZQ5dPBtA5e522CuTxGSlzyPcarVAIM33PF/TWfZwDppGxOuGCYbdused
uw2IgQ1WniB/rTYmnW/CEL8g+tru+s0glQLlyPYxwMfDtkMRT9mDDscgKbp91ywZ
Ib7awFf3H+z7u2t0B0Pdp/wmposrZG1zLN/Fywk+2LUpqDf9lqykL/uML3A2z75S
GFeofeyMgiNictgm0NPEJpDapbEmrvDrNWXsSWChFHYJIsGunU7sgRZNJB/S3N5q
g9WV8j390BqiS7++N6olu/ODvMUmzdAK0olJm+Eql00Il+j5aVQ=
=tHk1
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Python-modules-team mailing list