Re: [SRM] python-django 1.0.2-1+lenny1 for stable?
On Thu, July 30, 2009 16:58, Chris Lamb wrote:
> There is a minor security problem with python-django in stable; Nion
> recommended the fix went this way instead of stable-security as it does
> not affect typical installations. The patch is upstream-blessed.
>
> The revelant changelog entry is:
>
> python-django (1.0.2-1+lenny1) stable-proposed-updates; urgency=low
>
> * Add patch to fix issue with a maliciously crafted URL gaining
> access to any file on the filesystem (Closes: #539134)
Please go ahead.
Regards,
Adam
Reply to: