Bug#641405: marked as done (several Django security issues)

Thu, 15 Sep 2011 06:13:58 -0700 

Your message dated Thu, 15 Sep 2011 12:48:10 +0000
with message-id <e1r4bmq-00063r...@franck.debian.org>
and subject line Bug#641405: fixed in python-django 1.3.1-1
has caused the Debian Bug report #641405,
regarding several Django security issues
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
641405: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641405
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: python-django
Severity: serious
Tags: security

Hi,

Several security issues were announced in Django:
https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
and a regression fix was later posted:
https://www.djangoproject.com/weblog/2011/sep/10/127/

Can you please ensure that unstable is fixed for these issues, and analyse
whether updates to stable and oldstable security are necessary?

CVE id's are not assigned yet at this point, but there's no need to wait
for them to continue.


Thanks,
Thijs

--- End Message ---
--- Begin Message --- 
Source: python-django
Source-Version: 1.3.1-1

We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive:

python-django-doc_1.3.1-1_all.deb
  to main/p/python-django/python-django-doc_1.3.1-1_all.deb
python-django_1.3.1-1.debian.tar.gz
  to main/p/python-django/python-django_1.3.1-1.debian.tar.gz
python-django_1.3.1-1.dsc
  to main/p/python-django/python-django_1.3.1-1.dsc
python-django_1.3.1-1_all.deb
  to main/p/python-django/python-django_1.3.1-1_all.deb
python-django_1.3.1.orig.tar.gz
  to main/p/python-django/python-django_1.3.1.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 641...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Raphaël Hertzog <hert...@debian.org> (supplier of updated python-django package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 15 Sep 2011 12:43:51 +0200
Source: python-django
Binary: python-django python-django-doc
Architecture: source all
Version: 1.3.1-1
Distribution: unstable
Urgency: low
Maintainer: Chris Lamb <la...@debian.org>
Changed-By: Raphaël Hertzog <hert...@debian.org>
Description: 
 python-django - High-level Python web development framework
 python-django-doc - High-level Python web development framework (documentation)
Closes: 630421 641405
Changes: 
 python-django (1.3.1-1) unstable; urgency=low
 .
   * New upstream release. It includes security updates described here:
     https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
     Closes: #641405
   * Update 01_disable_url_verify_regression_tests.diff and merge
     07_disable_url_verify_model_tests.diff into it.
   * Update patch headers to conform to DEP-3.
   * Apply patch from Steve Langasek to dynamically build the UTF-8
     locale required by the test-suite instead of build-depending on
     locales-all. Closes: #630421
   * Use "dh --with sphinxdoc" to clean up the Sphinx generated documentation
     and avoid the embedded-javascript-library lintian warning. Build-Depends
     on python-sphinx >= 1.0.7+dfsg-1 for this and also add
     ${sphinxdoc:Depends} to python-django-doc Depends field.
   * Cleanup build-dependencies now that even oldstable has python 2.5.
   * Switch to dh_python2 as python helper tool. Drop legacy files
     debian/pyversions and debian/pycompat.
   * New patch 02_disable-sources-in-sphinxdoc.diff to not generate
     the _sources directory that we used to remove manually within the rules
     file. But must be kept disabled until #641710 is fixed.
   * Properly support DEB_BUILD_OPTIONS=nocheck despite the override
     of dh_auto_test.
Checksums-Sha1: 
 1b3e821b829fe4e6f6f8f2f4f4183cf4c707bf06 2139 python-django_1.3.1-1.dsc
 fd968134c8ded38d2d9ccd2cafe865a0585aefc4 6514564 
python-django_1.3.1.orig.tar.gz
 b661a0e87fb10dcbc0258a206db220a080e7fb1d 19500 
python-django_1.3.1-1.debian.tar.gz
 acaec9cf3c43bc9f03bb2f640cea187faf0f9c88 4379606 python-django_1.3.1-1_all.deb
 32324456de73399b18be20d049e94d4af3eb2fdf 2948432 
python-django-doc_1.3.1-1_all.deb
Checksums-Sha256: 
 22960d9f5428eacc576ba382bb42e8e668b7adfb788f7e8d5d2c266d9565a79c 2139 
python-django_1.3.1-1.dsc
 af9118c4e8a063deb0b8cda901fcff2b805e7cf496c93fd43507163f3cde156b 6514564 
python-django_1.3.1.orig.tar.gz
 f7f7b0776a8df0df9492f9014f1750dfb6a3717f3e8569313840a088c2f33a49 19500 
python-django_1.3.1-1.debian.tar.gz
 0902a6622f2cc2cac28080fb827a0a4a1bcd232cde349da298fe901bc3255249 4379606 
python-django_1.3.1-1_all.deb
 8101872a99df25374b0d0a7321d6483dceac4bebb702a8da915fe5cd963c51ea 2948432 
python-django-doc_1.3.1-1_all.deb
Files: 
 b20dfedd840f891bfb8e523357bf87ab 2139 python optional python-django_1.3.1-1.dsc
 62d8642fd06b9a0bf8544178f8500767 6514564 python optional 
python-django_1.3.1.orig.tar.gz
 c13418163d0f07db4f8d701c2865331b 19500 python optional 
python-django_1.3.1-1.debian.tar.gz
 c5cb4f784a101429d0273f31c57d9bb4 4379606 python optional 
python-django_1.3.1-1_all.deb
 e1c8d20721fd3029e4e86dc0915ffda8 2948432 doc optional 
python-django-doc_1.3.1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Signed by Raphael Hertzog

iQIcBAEBCAAGBQJOcfAIAAoJEOYZBF3yrHKap88P/ibA2bNb7PrFPYVy9e7PbWdr
/ueqHhYXWM5Z/3Y7fk5lTCWblSv1xN+hfmsmFN00l1tDOcvivO9jSjsb8XIriAAG
YEG/zOKUVO/Z3NH+WlAiA8gnpf8OV4PttIlY02j5KlcuRLkN3FhbtUi8aqMVPjSK
HLunLGN+3ZAEO/o3ybqcR245NR31PCA9pZ0lnJYXupLVHEnpRDzbCzp7u+PZFgqd
4XgKd4tdHpZBPL0H6uHA5Ggr2/fwXZlLUr5wSOVPUoero1Es8PBheS05Lvc3IE+K
3zvuTikE/trhEALhcy1uz+G1r6dFxZZVG5+ZePAbJC8TXJjwFkR7CCeFbSLA4hpk
1q56cyeoFv5moyZgvuEbeVXfms5bVc2kvS/Jr+hZKTCaLeLISeKZYWKqR6bcuOG1
U2e6tx2xFNWlVoSeIQjK/0LHM7BChhA6IQyT9zQ2cDwvXA+CCGdVRFDLSLF4BCqK
yBJdzzjpOgVmM+hCnjNRhT0Js+kWVSkPUz9Ec0Qom5q+uv2FMbhXC/QZkNPfvo70
AHltat6nb8/KO5pud4ZNJc0lenmT4SZ93MHLBPyQfCyKF0/s6KNz3D9vMfkStefN
HPLIxjhd54nMXBlXaepZzSwublHC95JnRMab5i3v5xmitNHCFT2iS8iqEQBET6ms
ZPz8uRlxG7ktHyi5phSD
=OKrH
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to