Accepted python-django 1.0.2-1+lenny1 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted python-django 1.0.2-1+lenny1 (source all)
From: Chris Lamb <lamby@debian.org>
Date: Fri, 04 Sep 2009 18:32:44 +0000
Message-id: <[🔎] E1MjdaW-0006GT-Nf@ries.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 30 Jul 2009 17:43:56 +0200
Source: python-django
Binary: python-django
Architecture: source all
Version: 1.0.2-1+lenny1
Distribution: stable-proposed-updates
Urgency: low
Maintainer: Brett Parker <iDunno@sommitrealweird.co.uk>
Changed-By: Chris Lamb <lamby@debian.org>
Description: 
 python-django - A high-level Python Web framework
Closes: 539134
Changes: 
 python-django (1.0.2-1+lenny1) stable-proposed-updates; urgency=low
 .
   * Add patch to fix issue with a maliciously crafted URL gaining access to
     any file on the filesystem (Closes: #539134)
 .
     Upstream writes:
 .
       Django includes a lightweight, WSGI-based web server for use in
       learning Django and in testing new applications during early stages of
       development. For sake of convenience, this web server automatically
       maps certain URLs corresponding to the static media files used by the
       Django administrative application.
 .
       The handler which maps these URLs did not properly check the requested
       URL to verify that it corresponds to a static media file used by
       Django. As such, a carefully-crafted URL can cause the development
       server to serve any file to which it has read access.
 .
              <http://www.djangoproject.com/weblog/2009/jul/28/security/>
Checksums-Sha1: 
 853a69b3a6c5b7e6d8113300ca5daa9ae93b0602 1606 python-django_1.0.2-1+lenny1.dsc
 f2d9088f17aff47ea17e5767740cab67b2a73b6b 4649433 python-django_1.0.2.orig.tar.gz
 8c5ce9095b8e68e5e06a734f0ab8c3b57de7cb63 15074 python-django_1.0.2-1+lenny1.diff.gz
 55bc9af48b7b17495881ac0d8e75e43d3fcf0be1 4704274 python-django_1.0.2-1+lenny1_all.deb
Checksums-Sha256: 
 eaea5115fc5e43e487e8e30785084d7707ba5a0c82b881b5c0439de1beb5397f 1606 python-django_1.0.2-1+lenny1.dsc
 50a5d228743a69a682899b20141194bf8fd3fd75eaf33ba5f2932f43ea93ea0d 4649433 python-django_1.0.2.orig.tar.gz
 cfcdbb5e48ae07a36d82028f6f4a14278c9749c638db486c75c4ed58a17966e0 15074 python-django_1.0.2-1+lenny1.diff.gz
 bd41ecacec4653f999e9e6f7ced2ec49b5eeb171ff39c02c30bd124063ac0832 4704274 python-django_1.0.2-1+lenny1_all.deb
Files: 
 68232b6343d631cd5cf7776d7e574f09 1606 python optional python-django_1.0.2-1+lenny1.dsc
 89353e3749668778f1370d2e444f3adc 4649433 python optional python-django_1.0.2.orig.tar.gz
 9e54cef320ce7d274f691ad8d11084b2 15074 python optional python-django_1.0.2-1+lenny1.diff.gz
 a069a680667fe04419621312634d25ec 4704274 python optional python-django_1.0.2-1+lenny1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkpxwpMACgkQ5/8uW2NPmiB9kwCePmfFkods2yLOl7jRuh0+na0F
ifMAnib70VvOsz7WD9zH+REm5DDwqAW0
=ZwWR
-----END PGP SIGNATURE-----


Accepted:
python-django_1.0.2-1+lenny1.diff.gz
  to pool/main/p/python-django/python-django_1.0.2-1+lenny1.diff.gz
python-django_1.0.2-1+lenny1.dsc
  to pool/main/p/python-django/python-django_1.0.2-1+lenny1.dsc
python-django_1.0.2-1+lenny1_all.deb
  to pool/main/p/python-django/python-django_1.0.2-1+lenny1_all.deb

Reply to:

Prev by Date: Accepted libxml2 2.6.32.dfsg-5+lenny1 (source all amd64)
Next by Date: Accepted avelsieve 1.9.7-6+lenny1 (source all)
Previous by thread: Accepted libxml2 2.6.32.dfsg-5+lenny1 (source all amd64)
Next by thread: Accepted avelsieve 1.9.7-6+lenny1 (source all)
Index(es):
- Date
- Thread