python-django (1.6.6-1) unstable; urgency=high
* New upstream security release.
- reverse() can generate URLs pointing to other hosts (CVE-2014-0480)
- file upload denial of service (CVE-2014-0481)
- RemoteUserMiddleware session hijacking (CVE-2014-0482)
- data leakage via querystring manipulation in admin (CVE-2014-0483)
[ Brian May ]
* Don't output stuff to stdout in django-admin. Closes: #757145
[ Raphaƫl Hertzog ]
* Update Vcs-* fields since the packaging repository moved to git.
Date: 2014-08-21 10:25:32.169903+00:00
Changed-By: Debian Python Modules Team
<[email protected]>
Signed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/utopic/+source/python-django/1.6.6-1
Sorry, changesfile not available.
--
Utopic-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.canonical.com/mailman/listinfo/utopic-changes
