-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 3.0 (quilt) Source: python-django Binary: python-django, python3-django, python-django-common, python-django-doc Architecture: all Version: 1.7.7-1 Maintainer: Debian Python Modules Team <[email protected]> Uploaders: Luke Faraone <[email protected]>, Raphaël Hertzog <[email protected]>, Brian May <[email protected]> Homepage: http://www.djangoproject.com/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/cgit/python-modules/packages/python-django.git Vcs-Git: git://anonscm.debian.org/python-modules/packages/python-django.git Build-Depends: debhelper (>= 9), dh-python, python-all (>= 2.6.6-3~), python3-all, python-sphinx (>= 1.0.8), locales (>= 0), python-bcrypt, python3-bcrypt, python-docutils, python3-docutils, python-numpy, python3-numpy, python-pil, python3-pil, python-yaml, python3-yaml, python-tz, python3-tz, python-setuptools, python3-setuptools, python-sqlparse, python3-sqlparse Build-Depends-Indep: libjs-jquery Package-List: python-django deb python optional arch=all python-django-common deb python optional arch=all python-django-doc deb doc optional arch=all python3-django deb python optional arch=all Checksums-Sha1: 614cc9f8e1af6630c54300f6bdd88e7b783614c3 7603286 python-django_1.7.7.orig.tar.gz c38bc1489f5cecb0f91e05449dbc91fbc96c5c50 21708 python-django_1.7.7-1.debian.tar.xz Checksums-Sha256: 4816f892063569ca9a77584fa23cb4995c1b3b954ef875102a8219229cbd2e33 7603286 python-django_1.7.7.orig.tar.gz 54d56fbaf3b4c93a59e44098c58e6362f45f55f0b3e2592a1288b9b699c067e9 21708 python-django_1.7.7-1.debian.tar.xz Files: a62d6598966947d150525ad2ab20fb0c 7603286 python-django_1.7.7.orig.tar.gz 4fba1c456ba33d6a2cfc9a58c5520cb1 21708 python-django_1.7.7-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Signed by Raphael Hertzog iQEcBAEBCAAGBQJVEHQQAAoJEAOIHavrwpq5EwUH/jP3ePp1NubZ18+w5GxcR5wB 1zjgbrqmUPwbID5/mX0igMaegoC9pMfm2Fiu+RhFvZ1rnN37Fy8giX6MpVoxIGxw DvJ8Ny1u6YzUtGwkw1rLxzCXcJngq9Bzx6H9fAN5Zdc98n0+P4L3HTmaF9z5wGSk mDtrTSBUFbTjfCQLk0Fmc8jTgFrD/uUAymieJ6xev6UlzUxv8DPijPQ4O01BJBzM pOofNySAePbqFjm9/V75yylTpcvykJe/5r0nIlg1QJzl8iO7cmSj+lN+NMEkMf/+ MvxE+QexhpysynimKzAvO/TsLMFq+1FiU87EotfGkXHHRu1qmvmf5NwnuO+gS9c= =AeYV -----END PGP SIGNATURE----- Changes: python-django (1.7.7-1) unstable; urgency=high * New upstream security and bugfix release: https://www.djangoproject.com/weblog/2015/mar/18/security-releases/ It fixes: - CVE-2015-2317: possible XSS attack via user-supplied redirect URLs Closes: #780873 - CVE-2015-2316: Denial-of-service possibility with strip_tags() Closes: #780874 -- Raphaël Hertzog <[email protected]> Mon, 23 Mar 2015 20:41:13 +0100