Re: [SECURITY] [DLA 590-1] python-django security update

To: Holger Levsen <holger@layer-acht.org>, debian-lts@lists.debian.org
Subject: Re: [SECURITY] [DLA 590-1] python-django security update
From: Brian May <bam@debian.org>
Date: Tue, 09 Aug 2016 20:18:53 +1000
Message-id: <[🔎] 87vaza8ctu.fsf@prune.linuxpenguins.xyz>
In-reply-to: <[🔎] 20160809085102.GD18813@layer-acht.org>
References: <20160809083846.GA8602@prune.linuxpenguins.xyz> <[🔎] 20160809085102.GD18813@layer-acht.org>

Holger Levsen <holger@layer-acht.org> writes:

> https://www.debian.org/security/2016/dsa-3622 says django-python 1.7 is
> prone to a cross-site scripting vulnerability in the admin's add/change
> related popup - is this the issue this DLA is addressing?

No, the upload did not include any new vulnerabilites that I know
of. Otherwise I would have listed them.

See https://lists.debian.org/debian-lts/2016/07/msg00069.html for the
reason why I uploaded.

Also see https://lists.debian.org/debian-lts/2016/08/msg00088.html.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: [SECURITY] [DLA 590-1] python-django security update
  - From: Holger Levsen <holger@layer-acht.org>

References:
- Re: [SECURITY] [DLA 590-1] python-django security update
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Re: Wheezy update of openssh?
Next by Date: Re: [SECURITY] [DLA 590-1] python-django security update
Previous by thread: Re: [SECURITY] [DLA 590-1] python-django security update
Next by thread: Re: [SECURITY] [DLA 590-1] python-django security update
Index(es):
- Date
- Thread