Bug#614787: marked as done (dajaxice crashes with django patched for the flaw in CSRF handling)

[Debian Bug Tracking System]

Your message dated Thu, 03 Mar 2011 01:56:00 +0000
with message-id <e1puxlo-0000ww...@franck.debian.org>
and subject line Bug#614787: fixed in dajaxice 0.1.5-1squeeze1
has caused the Debian Bug report #614787,
regarding dajaxice crashes with django patched for the flaw in CSRF handling
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
614787: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614787
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: dajaxice
Version: 0.1.5-1
Severity: grave
Tags: squeeze upstream

This bug is from Ubuntu Maverick but it applies to Debian Squeeze too.

django-dajaxice 0.1.5 (Squeeze) crashes with django patched for the 
flaw in CSRF handling.

Related with security bug in django
- http://www.djangoproject.com/weblog/2011/feb/08/security/
- 
http://packages.debian.org/changelogs/pool/main/p/python-django/python-django_1.2.3-3+squeeze1/changelog

With django patched in Squeeze is totally unusable.


-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

--- End Message ---

--- Begin Message ---

Source: dajaxice
Source-Version: 0.1.5-1squeeze1

We believe that the bug you reported is fixed in the latest version of
dajaxice, which is due to be installed in the Debian FTP archive:

dajaxice_0.1.5-1squeeze1.debian.tar.gz
  to main/d/dajaxice/dajaxice_0.1.5-1squeeze1.debian.tar.gz
dajaxice_0.1.5-1squeeze1.dsc
  to main/d/dajaxice/dajaxice_0.1.5-1squeeze1.dsc
python-django-dajaxice_0.1.5-1squeeze1_all.deb
  to main/d/dajaxice/python-django-dajaxice_0.1.5-1squeeze1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 614...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Angel Abad <angela...@gmail.com> (supplier of updated dajaxice package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 24 Feb 2011 09:24:51 +0000
Source: dajaxice
Binary: python-django-dajaxice
Architecture: source all
Version: 0.1.5-1squeeze1
Distribution: stable-security
Urgency: low
Maintainer: Angel Abad <angela...@gmail.com>
Changed-By: Angel Abad <angela...@gmail.com>
Description: 
 python-django-dajaxice - agnostic and easy to use AJAX library for django
Closes: 614787
Changes: 
 dajaxice (0.1.5-1squeeze1) stable-security; urgency=low
 .
   * debian/patches/fix_csrf_verification: (Closes: #614787)
     - Fix bug related to CSRF verification on Django
Checksums-Sha1: 
 5c6977d3710db3ca95a85375982624a4f4bd70f0 1699 dajaxice_0.1.5-1squeeze1.dsc
 a267c5f693fe6723599f4ca05ce36cd8ec5f9590 13824 dajaxice_0.1.5.orig.tar.gz
 4afdb32316629e024663578b9138f6f21681f4e4 3463 
dajaxice_0.1.5-1squeeze1.debian.tar.gz
 d8ea072b63a7eebcdcc667bb573afca67373ac27 14662 
python-django-dajaxice_0.1.5-1squeeze1_all.deb
Checksums-Sha256: 
 5a6990315627aa5b1b1f56a9cbb2027f90493e9d5c8b90105dcf20971a54407d 1699 
dajaxice_0.1.5-1squeeze1.dsc
 c79b83356d55ff4443fcccec90cae589e05396134284106d8beb9a2db860dccc 13824 
dajaxice_0.1.5.orig.tar.gz
 675132bd88627bcb0dc791c7c07f0145aa7a911ff8521b82716bf2e153f1bc17 3463 
dajaxice_0.1.5-1squeeze1.debian.tar.gz
 a00a451f3d712e9dd4ad82cf4b64ac29f79c052fca18af9dbb2f633d759cc086 14662 
python-django-dajaxice_0.1.5-1squeeze1_all.deb
Files: 
 9f899b05929a8fec087c917210bbb120 1699 python optional 
dajaxice_0.1.5-1squeeze1.dsc
 a8ead586103307bf0d42f5b9c076c63d 13824 python optional 
dajaxice_0.1.5.orig.tar.gz
 5ab15e8e67fa4609ff0d200607b91ee3 3463 python optional 
dajaxice_0.1.5-1squeeze1.debian.tar.gz
 d78c8e7bb1fdeec31c37688f123075d7 14662 python optional 
python-django-dajaxice_0.1.5-1squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJNbUFUAAoJEOxfUAG2iX57IrUH/iJWYc/YQMMSfzBnDLvXX/5e
BSOzR3BrvlPInGM7yZgHr0adYHd922pFQnWdL8eTfH6sN0Crb0ERBZfF9rxa+XEg
oYcnwNCPNBxwVZdZTaKoX0sQEyTOEzYZlBplkCwMI6oKWyvua4ilZadYUwFkl+97
PwXhWJjxI93ElOxQP4rlknVA3kgouE+qgt9Zh3+CY6GApnSRTIqcFN3bmhxbSbGK
5HfLbWwvkxXGmg1C5E+ecOqmlQO0hoG92kVVKqzUJd3Gei+PxlcrB1Du3cqn3aJh
bc0tJYhlhGgOg/ofq1E94rAcwUwndc0OWtceiDmjwLncn9CymdmNJXh/aVYdsPY=
=zPLa
-----END PGP SIGNATURE-----

--- End Message ---