This bug was fixed in the package python-django - 1.3.1-4ubuntu1.2
---
python-django (1.3.1-4ubuntu1.2) precise-security; urgency=high
[ Scott Kitterman ]
* SECURITY UPDATE: multiple issues (LP: #1031733)
* References CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
This bug was fixed in the package python-django - 1.1.1-2ubuntu1.5
---
python-django (1.1.1-2ubuntu1.5) lucid-security; urgency=low
* SECURITY UPDATE: Cross-site scripting in authentication views
(LP: #1031733)
-
This bug was fixed in the package python-django - 1.2.5-1ubuntu1.2
---
python-django (1.2.5-1ubuntu1.2) natty-security; urgency=low
* SECURITY UPDATE: Cross-site scripting in authentication views
(LP: #1031733)
-
This bug was fixed in the package python-django - 1.3-2ubuntu1.3
---
python-django (1.3-2ubuntu1.3) oneiric-security; urgency=low
[ Scott Kitterman ]
* SECURITY UPDATE: multiple issues (LP: #1031733)
* References CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: python-django (Ubuntu Natty)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031733
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: python-django (Ubuntu Oneiric)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Changed in: python-django (Ubuntu Precise)
Assignee: Steve Beattie (sbeattie) = Marc Deslauriers (mdeslaur)
** Also affects: python-django (Ubuntu Lucid)
Importance: Undecided
Status: New
** Changed in: python-django (Ubuntu Lucid)
Status: New = Confirmed
** Changed in:
Fixed in 1.4.1, which is in quantal
** Also affects: python-django (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: python-django (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: python-django (Ubuntu Precise)
Importance: Undecided
Since there are non-security changes in 1.3.2/3, we'll cherrypick just
the commits for precise and oneiric. Debian has 1.2 patches we can use
for natty. I did not check applicability to hardy or lucid.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
Fix for precise.
** Attachment added: Precise debdiff
https://bugs.launchpad.net/ubuntu/precise/+source/python-django/+bug/1031733/+attachment/3261433/+files/precise-debdiff
** Changed in: python-django (Ubuntu Precise)
Status: In Progress = Confirmed
--
You received this bug
I did build the package. Given the upstream test suite that runs during
build, I think that should be sufficient given that the change is the
exact upstream change.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thanks, Scott, I'll review and push.
** Changed in: python-django (Ubuntu Precise)
Assignee: Scott Kitterman (kitterman) = Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031733
Title:
Django security update 1.3.2
To manage notifications about this bug go to:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: python-django (Ubuntu)
Status: New = Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1031733
Quick heads-up: a Python 2.4 compatibility issue has been found in the
1.3.2 package. A patch has landed upstream:
https://github.com/django/django/commit/d0d5dc6cd76f01c8a71b677357ad2f702cb54416
And we (Django) will be issuing 1.3.3 as a bugfix release for this
within the next 24 hours.
--
15 matches
Mail list logo