[ Scott Kitterman ]
* SECURITY UPDATE: multiple issues (LP: #1031733)
* References CVE-2012-3442 CVE-2012-3443 CVE-2012-3444 https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
* New upstream release to address three security issues:
- Cross-site scripting in authentication views
- Denial-of-service in image validation
- Denial-of-service via get_image_dimensions()
* Added debian/patches/security_http_redirects,
security_image_uploading_two, and security_image_uploading cherry picked
from upstream git
[ Steve Beattie ]
* added debian/patches/10_fix_testsuite_failure.patch: adjust
test_week_view_allow_future to ensure the first week of the year is
selected
This bug was fixed in the package python-django - 1.3-2ubuntu1.3
---------------
python-django (1.3-2ubuntu1.3) oneiric-security; urgency=low
[ Scott Kitterman ] /www.djangoproj ect.com/ weblog/ 2012/jul/ 30/security- releases- issued/ dimensions( ) patches/ security_ http_redirects, image_uploading _two, and security_ image_uploading cherry picked
* SECURITY UPDATE: multiple issues (LP: #1031733)
* References CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
https:/
* New upstream release to address three security issues:
- Cross-site scripting in authentication views
- Denial-of-service in image validation
- Denial-of-service via get_image_
* Added debian/
security_
from upstream git
[ Steve Beattie ] patches/ 10_fix_ testsuite_ failure. patch: adjust week_view_ allow_future to ensure the first week of the year is
* added debian/
test_
selected
[ Marc Deslauriers ] patches/ security_ http_redirects: remove unrelated changes, add
* debian/
python 2.4 regression fix.
-- Marc Deslauriers <email address hidden> Thu, 06 Sep 2012 08:40:28 -0400