News for package python-django

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: python-django
Binary: python-django, python3-django, python-django-common, python-django-doc
Architecture: all
Version: 1.7.1-1.1
Maintainer: Debian Python Modules Team <[email protected]>
Uploaders: Luke Faraone <[email protected]>, Raphaël Hertzog <[email protected]>, Chris Lamb <[email protected]>, Brian May <[email protected]>
Homepage: http://www.djangoproject.com/
Standards-Version: 3.9.6
Vcs-Browser: http://anonscm.debian.org/cgit/python-modules/packages/python-django.git
Vcs-Git: git://anonscm.debian.org/python-modules/packages/python-django.git
Build-Depends: debhelper (>= 9), dh-python, python-all (>= 2.6.6-3~), python3-all, python-sphinx (>= 1.0.8), locales (>= 0), python-bcrypt, python3-bcrypt, python-docutils, python3-docutils, python-numpy, python3-numpy, python-pil, python3-pil, python-yaml, python3-yaml, python-tz, python3-tz, python-setuptools, python3-setuptools, python-sqlparse, python3-sqlparse
Build-Depends-Indep: libjs-jquery
Package-List:
 python-django deb python optional arch=all
 python-django-common deb python optional arch=all
 python-django-doc deb doc optional arch=all
 python3-django deb python optional arch=all
Checksums-Sha1:
 689efc1e6d72b45b4deb451e6ed36ee77389fafc 7527499 python-django_1.7.1.orig.tar.gz
 071d1a477818a2c206b3f10013a820845607eaf8 38364 python-django_1.7.1-1.1.debian.tar.xz
Checksums-Sha256:
 3de62e71ce2cfbcdecb6e344cad04948506c8410ea5c6eab15c8f3b31b8ac1c0 7527499 python-django_1.7.1.orig.tar.gz
 a05a224fe631de9b36701b68fca9f995b6b07b48d05c33a52c055178a3d66ba6 38364 python-django_1.7.1-1.1.debian.tar.xz
Files:
 81dae89f21647b9aa5c46c6b7dbfa349 7527499 python-django_1.7.1.orig.tar.gz
 e63729be481e1f21071f554a0bf1c246 38364 python-django_1.7.1-1.1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJUulZVAAoJEPFn5DyBQ7aClVYQAMzpQ9k6o+AVr0SFBaCOMtQE
Y9GGSfIdHpt/h5IgBswTvZzqllfZeAa5CjtQ+EaUaUV34MBjZuXFHvkGVLMtbZSg
Mzo94g0m1JlmfkPZ7ySP2kVwwAO3Ru7VQPTViZi6VcwZinMQ1yxu/iNVIQPxPFUu
YloIrc0888caTHZyH48vSRZg2VGc6gJ1VXGJYUVe3OQw7H1c+NYaHFepfEDDuGrq
7K2fdzecHk8qd3iBXCqgJPWluYB3QWDXJeTEytSLR5GWCRg2ELoZ+5vvm2QkYHXq
I/u/Cd/496LofwKkrmXJAAlafD6gD9B2ziXqdkl1zjbmI9BXkj67tPRdDuYe0x81
i9Ok1LZhIZq/Qwsz8ahkHHuncHfj1/35s+lHsWzsKGn0S0Ywm+kDLO3NpB75WARG
Qb/SfshxqUzpB8iQXKOITMytKZvW1l9sQX0f70z4wUWScIjC+J95nluUGmw/M4IQ
t71O5TArvw+XdxpBWG0A/p+in/qWdGgCPgyLpjZX5DvjeJIQ0osRJuGMENhMmXeY
RGS2Wf26ZwVlvE5043HeDXRb8F2U2dWgP6SROdG5V/TjJ+d8p6Osrmn+U/DPwPIp
3R3GgNwOQm7/Ehi4sW4VID+LHKjga4TpOrIAE2PY9rnTG/h8KkmzPlU+ysiHexCE
1xGOqnPm67/4aPcssKft
=FivL
-----END PGP SIGNATURE-----

Changes:
python-django (1.7.1-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix CVE-2015-0219 - WSGI header spoofing via underscore/dash
    conflation
  * Fix CVE-2015-0220 - Mitigated possible XSS attack via
    user-supplied redirect URLs.
  * Fix CVE-2015-0221 - Denial-of-service attack against
    django.views.static.serve
  * Fix CVE-2015-0222 - Database denial-of-service with 
    ModelMultipleChoiceField
    (Closes: #775375)

 -- Neil Williams <[email protected]>  Fri, 16 Jan 2015 23:05:55 +0000