Kali Linux Package Tracker
Register | Log in

python-django 1.4.5-1+deb7u9 has been added to Kali Security

News for package python-django

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: python-django
Binary: python-django, python-django-doc
Architecture: all
Version: 1.4.5-1+deb7u9
Maintainer: Chris Lamb <[email protected]>
Uploaders: Debian Python Modules Team <[email protected]>, Raphaël Hertzog <[email protected]>, Luke Faraone <[email protected]>
Homepage: http://www.djangoproject.com/
Standards-Version: 3.9.3
Vcs-Browser: http://svn.debian.org/viewsvn/python-modules/packages/python-django/trunk/
Vcs-Svn: svn://svn.debian.org/python-modules/packages/python-django/trunk/
Build-Depends: debhelper (>= 7.0.50), python (>= 2.6.6-3~), python-sphinx (>= 1.0.8), locales (>= 0)
Build-Depends-Indep: libjs-jquery
Package-List: 
 python-django deb python optional
 python-django-doc deb doc optional
Checksums-Sha1: 
 1bfaa4643c6775fbf394137f1533659be45441e7 7735582 python-django_1.4.5.orig.tar.gz
 72e7794a049795d2a16bfa070336046276e17544 53052 python-django_1.4.5-1+deb7u9.debian.tar.gz
Checksums-Sha256: 
 0e1e8c4217299672bbf9404994717fca2d8d4b7a4f7b8b3b74d413e1fda81428 7735582 python-django_1.4.5.orig.tar.gz
 bdd28da574424d333b7797e4bb8cb4f27a11e4c201decd8d10b189c0e35b9258 53052 python-django_1.4.5-1+deb7u9.debian.tar.gz
Files: 
 851d00905eb70e4aa6384b3b8b111fb7 7735582 python-django_1.4.5.orig.tar.gz
 5a169beef36a78db87c87e26fdc5df10 53052 python-django_1.4.5-1+deb7u9.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Signed by Raphael Hertzog

iQEcBAEBCAAGBQJUyVsgAAoJEAOIHavrwpq5hX8H/1uF4R+CzeasoHZn75mWIeNK
4AYgoG9tt0f6uu4hQLaTgQuOW75Su2YGZacNjju6M2CK8KxSUZtTedFmy7tg+Rzf
2SHzaxSqW5zAQDjAQceRLy1Ov7jUoVr9M/FQXQ5wnb3valuR+j2Qds0S7buXEF2z
lM+yTt4CfqaWIe0Szf2s+sLXZ5cgRXhQ1W5vhxb9UcIwdXBuZbcDbgAzu4uPNq2v
Y9IYsBh6BPlQSqOU8trB7R15zsRccxhRPLJUTiyJ9nfNwYV+Ho80cNkKDzXKj7j8
dG6LwxVUu8tk0hgHpEUva3ldRYxbP4HlgJzlnjRGcn4/Q53JYsQExvNncpAFPQM=
=xRnv
-----END PGP SIGNATURE-----

Changes:
python-django (1.4.5-1+deb7u9) wheezy-security; urgency=high

  * New upstream security release:
    https://www.djangoproject.com/weblog/2015/jan/13/security/
    - WSGI header spoofing via underscore/dash conflation (CVE-2015-0219)
    - Possible XSS attack via user-supplied redirect URLs (CVE-2015-0220)
    - Denial-of-service attack against django.views.static.serve
      (CVE-2015-0221)
    Closes: #775375
  * Also include a fix for a regression introduced by the patch for
    CVE-2015-0221: https://code.djangoproject.com/ticket/24158

 -- Raphaël Hertzog <[email protected]>  Wed, 28 Jan 2015 10:24:59 +0100