Re: [SRM] python-django 1.0.2-1+lenny1 for stable?

To: "Chris Lamb" <lamby@debian.org>
Cc: 539134@bugs.debian.org, debian-release@lists.debian.org
Subject: Re: [SRM] python-django 1.0.2-1+lenny1 for stable?
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 30 Jul 2009 18:32:26 +0100
Message-id: <[🔎] 901d3b714bbb86065aaa627bf2888662.squirrel@localhost>
In-reply-to: <[🔎] 20090730175857.34f1b004@happycat.chris-lamb.co.uk>
References: <[🔎] 20090730175857.34f1b004@happycat.chris-lamb.co.uk>

On Thu, July 30, 2009 16:58, Chris Lamb wrote:
> There is a minor security problem with python-django in stable; Nion
> recommended the fix went this way instead of stable-security as it does
> not affect typical installations. The patch is upstream-blessed.
>
> The revelant changelog entry is:
>
>  python-django (1.0.2-1+lenny1) stable-proposed-updates; urgency=low
>
>    * Add patch to fix issue with a maliciously crafted URL gaining
>      access to  any file on the filesystem (Closes: #539134)

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Re: [SRM] python-django 1.0.2-1+lenny1 for stable?
  - From: Chris Lamb <lamby@debian.org>

References:
- [SRM] python-django 1.0.2-1+lenny1 for stable?
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Re: [stable] gnome-vfs update for point release (non-working trash)?
Next by Date: Re: [SRM] python-django 1.0.2-1+lenny1 for stable?
Previous by thread: [SRM] python-django 1.0.2-1+lenny1 for stable?
Next by thread: Re: [SRM] python-django 1.0.2-1+lenny1 for stable?
Index(es):
- Date
- Thread