On Fri, 2016-11-11 at 08:46 +1100, Brian May wrote: > > Brian May <email@example.com> writes: > > > I think I understand this security issue now. I should be able to work > > on a fix for wheezy-security tomorrow. > > Ok, I have packages available for testing at: > > https://people.debian.org/~bam/debian/pool/main/p/python-django/ > > The debdiff is below. > > diff -Nru python-django-1.4.22/debian/changelog python-django-1.4.22/debian/changelog > > --- python-django-1.4.22/debian/changelog 2016-10-07 07:17:00.000000000 +1100 > > +++ python-django-1.4.22/debian/changelog 2016-11-03 18:09:17.000000000 +1100 > @@ -1,3 +1,11 @@ > +python-django (1.4.22-1+deb7u2) wheezy-security; urgency=high > + > + * Non-maintainer upload by the LTS Team. > + * Fix CVE-2016-9013: Generated a random database user password when running > + tests on Oracle. [...] That's not the issue being patched. Ben. -- Ben Hutchings Q. Which is the greater problem in the world today, ignorance or apathy? A. I don't know and I couldn't care less.
Description: This is a digitally signed message part