Your message dated Wed, 01 Aug 2018 15:20:36 +0000
with message-id <[email protected]>
and subject line Bug#905216: fixed in python-django 2:2.1-1
has caused the Debian Bug report #905216,
regarding python-django: CVE-2018-14574: Open redirect possibility in
CommonMiddleware
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
905216: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905216
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-django
Version: 1:1.11.14-1
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for python-django.
CVE-2018-14574[0]:
Open redirect possibility in CommonMiddleware
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-14574
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14574
[1] https://www.djangoproject.com/weblog/2018/aug/01/security-releases/
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: python-django
Source-Version: 2:2.1-1
We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Lamb <[email protected]> (supplier of updated python-django package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 01 Aug 2018 22:59:20 +0800
Source: python-django
Binary: python3-django python-django-doc
Built-For-Profiles: nocheck
Architecture: source all
Version: 2:2.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Python Modules Team
<[email protected]>
Changed-By: Chris Lamb <[email protected]>
Description:
python-django-doc - High-level Python web development framework (documentation)
python3-django - High-level Python web development framework (Python 3 version)
Closes: 905216
Changes:
python-django (2:2.1-1) experimental; urgency=medium
.
* New upstream release.
- CVE-2018-14574: Open redirect possibility in CommonMiddleware.
(Closes: #905216)
Checksums-Sha1:
3087d8c85488f4a1b301b6990499f7a6371c92d1 2652 python-django_2.1-1.dsc
136bf406eb2cf4d74a7f1d78adc17241dde75a32 8583964 python-django_2.1.orig.tar.gz
06cdb09f61d0676dba4d0fce569e597ee5bb9d48 23476
python-django_2.1-1.debian.tar.xz
33f746fe06f8dc822d0179c5c2c15409791726d4 3033592
python-django-doc_2.1-1_all.deb
6314ca08fd4e57d1902fdaa8e8b36b8f158f80e3 7364
python-django_2.1-1_amd64.buildinfo
0fd80738ba85d35cefd1e254a1becb1ed682edcc 2584564 python3-django_2.1-1_all.deb
Checksums-Sha256:
e6a388b819726f5f71ce5ec8557eb6e90b8c7b201a7a348afdc709df68035d60 2652
python-django_2.1-1.dsc
7f246078d5a546f63c28fc03ce71f4d7a23677ce42109219c24c9ffb28416137 8583964
python-django_2.1.orig.tar.gz
62aa7f44546c17234dd3caf608bfa01241a79b155e12423a8f60f645cda60511 23476
python-django_2.1-1.debian.tar.xz
fc27cc571615b055e800138c1c06c244e44c6661da6cf62c1df371b7724fd2c3 3033592
python-django-doc_2.1-1_all.deb
5d37a5400e7652e1197a65b0db867b7cbf3474ce0c652b07a8ebcb28c801d3d3 7364
python-django_2.1-1_amd64.buildinfo
24b009e97e978750ae26e5653b6894ab75435f137ca4c694e12d361336c15348 2584564
python3-django_2.1-1_all.deb
Files:
c463f4996ce9f64b2326d041c10192cf 2652 python optional python-django_2.1-1.dsc
4a01d9325ac60e8d329762ecb9c9d2ea 8583964 python optional
python-django_2.1.orig.tar.gz
4798cb128707291a79c6daef290ca53c 23476 python optional
python-django_2.1-1.debian.tar.xz
d98a8b920824a7c9da656f03c0abec4c 3033592 doc optional
python-django-doc_2.1-1_all.deb
4d02c286acb20d35b634c3d16c252606 7364 python optional
python-django_2.1-1_amd64.buildinfo
65b1ed4618cf454e31f5daeb1e6a1788 2584564 python optional
python3-django_2.1-1_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlthy8oACgkQHpU+J9Qx
HlhZqxAAo/wsqO18taV/z+pFhqha3StyltyM1+ligyZIUo5gT04lO4XX1n08C+Eu
gQjp+V4yYdt9Ypwx63gSk8Ake0w5W/WbgOB8QxwxXPEjIG9qUoXWwZ/G8n4wGsSZ
LcIs5apNiz3mJ2S9JMB8/bT1UmxVkha/wXHfkr+IoZP25dDasc8FTtOuU2FsnBXf
wymMBgNmJmXvHmxS3NPDYJ+GTRoanudn4gZhHFtMO5XAM9pzr9cVya4vSl6ZV44d
DguTuYrIwM0/0jqXuoN9b6s8VX2vssWSKnJdbaAifGDo/kRsJMABoXKyAYRu2vMC
FLVUSlPWk75p0ge8zHQNX8n8J3Nwa/Lx2jcL3AN14wMDspquJbqe0M+gi647W/Pg
JtFVH/mZwfbv8e1T+h0csT0oVlv7kWoFcSno1Nim5LVUzdWyrwge6lBzy5Lh2LEx
MP8z1souw++G5DyvbDuRUoAVa/pWaadjIGSP5S+5KT+VxP7i3syA9MdILowNjOVZ
W2RoMSNArAtKefyEMCFy0RvlljlU6OUyaxkXAKVGVJux4apmHWh+LXAlHyVyKP3s
eot+hgrFi2pJ6jtm82BHvEsDdxQP3bsfsDca6m1jwMuUTrOuSfjc6+vKVaD+mImm
2RMYQwND/T9eygso8Xgd+plwm3wv3CASPSYc/5C1iETsVTwE/6I=
=+ykd
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Python-modules-team mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/python-modules-team
