Your message dated Wed, 05 Apr 2017 08:53:04 +0000
with message-id <[email protected]>
and subject line Bug#859516: fixed in python-django 1:1.11-1
has caused the Debian Bug report #859516,
regarding python-django: CVE-2017-7234: Open redirect vulnerability in
django.views.static.serve()
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
859516: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859516
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-django
Version: 1.7.7-1
Severity: important
Tags: security upstream patch
Hi,
the following vulnerability was published for python-django.
CVE-2017-7234[0]:
Open redirect vulnerability in django.views.static.serve()
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-7234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7234
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: python-django
Source-Version: 1:1.11-1
We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Lamb <[email protected]> (supplier of updated python-django package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 05 Apr 2017 09:54:00 +0200
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source
Version: 1:1.11-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Python Modules Team
<[email protected]>
Changed-By: Chris Lamb <[email protected]>
Description:
python-django - High-level Python web development framework (Python 2 version)
python-django-common - High-level Python web development framework (common)
python-django-doc - High-level Python web development framework (documentation)
python3-django - High-level Python web development framework (Python 3 version)
Closes: 859515 859516
Changes:
python-django (1:1.11-1) experimental; urgency=medium
.
* New upstream stable release. (Closes: #859515, #859516)
Checksums-Sha1:
de4c98b053b41673d9028611fa936d31d473a875 2762 python-django_1.11-1.dsc
7f6f1f8c7275cd503058cd847b80ffad9321f7d4 7853479 python-django_1.11.orig.tar.gz
10f5882c78e20059887028cdd93055772795278f 25832
python-django_1.11-1.debian.tar.xz
527a5d17c5cf2961d7ee20c475b95ad5bfc7244b 8677
python-django_1.11-1_amd64.buildinfo
Checksums-Sha256:
6c997306b542c1bd2b6fbc39b29e838fb84ab334a58c0fa9391e05c394cd5491 2762
python-django_1.11-1.dsc
b6f3b864944276b4fd1d099952112696558f78b77b39188ac92b6c5e80152c30 7853479
python-django_1.11.orig.tar.gz
39ac23a2e67ec6f0b6f236a15b7a21abb1c6cc3b6ea5bdaf2174943e05c91460 25832
python-django_1.11-1.debian.tar.xz
fff976f9320e747ff4fc662a65281aec247fc4a63e504a5546113c2fc4e767dc 8677
python-django_1.11-1_amd64.buildinfo
Files:
dbaab8bdbf83b34f3fde788d8eabcf31 2762 python optional python-django_1.11-1.dsc
5008d266f198c2fe761916139162a0c2 7853479 python optional
python-django_1.11.orig.tar.gz
81ef877fd852b45f42384e01ec130b70 25832 python optional
python-django_1.11-1.debian.tar.xz
2eabe2ab12a4ca51dc3cd58e681883fb 8677 python optional
python-django_1.11-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAljkp0EACgkQHpU+J9Qx
HlhasQ//Y0j1wWgDqygtTPh8xcJp4E+erDvo1K9qSc0dfetJTBdsujQ7MZq07BMf
Bj6FrRLtGTmHe0SEEI5akxpcTeGHFzqcq04ST3pKB+mQJiFeYN/KkZOE6lRjJCfa
tOEDZjkOyGkg4NDjr3EXXku8GoE6NVE0/m2SIW9agD7QXk93VzHMsckLODDagMaf
GzMncMY1jAMPwt2qaX+Tl6XQ4+J24nXGu0Npmrl9cME4GmsKVFcPF9wUN+KkgvbT
Nht3tA3deZnRdLf2ZSynQl56IUcg3HwwtQWn3loWIa6koGtbrVJkBJk/krreJtxF
XLjvDeCZACPpIZ/ISBVOETlMn5xI4eAxc5E96wkBv4l6MzrrqTURbYNgsZxG5RH5
YJw64Lq+tKDotXNgZvnC7ax9jw3X9sLXXvJcd55yLQxHklTYMVh4zUIUdSkd8kkB
t4UPvsBS6FvGppBQpa9/b1Pq5+fXfWPbBEQkaCBjQ27rudCtQBaoKvYP2B5UG07V
7HSNypeZYCV+UwLFUoCditHOGdaltwbAbvHaANoZ2sO9kN/i2FDCFoYTEEAXjCgf
2NiDT8DYLBidczBW71mz0OfnXsAmUh36CPxwSajToV/hsBIZoudzwBgeNaSFoGW7
i9zE9AI1UHfWRqzT8LUGiFKL33trnwNHkNmOppEso7PJua9tMVk=
=Z61O
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Python-modules-team mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/python-modules-team
