[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()

Mon, 07 Mar 2016 04:51:13 -0800 

This bug was fixed in the package python-django - 1.6.1-2ubuntu0.13

---------------
python-django (1.6.1-2ubuntu0.13) trusty-security; urgency=medium

  * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251)
    - debian/patches/CVE-2016-2512-regression.patch: force url to unicode
      in django/utils/http.py, added test to
      tests/utils_tests/test_http.py.
    - CVE-2016-2512

 -- Marc Deslauriers <[email protected]>  Fri, 04 Mar 2016
11:07:40 -0500

** Changed in: python-django (Ubuntu Trusty)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1553251

Title:
  USN-2915-1 introduced a regression in is_safe_url()

To manage notifications about this bug go to:
https://bugs.launchpad.net/django/+bug/1553251/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to