Viewing all changes in revision 34.
- Committer: Package Import Robot
- Date: 2012-09-06 09:39:29 UTC
- Revision ID: package-import@ubuntu.com-20120906093929-le1vymgmse2012zd
* SECURITY UPDATE: Cross-site scripting in authentication views
(LP: #1031733)
- debian/patches/16_fix_cross_site_scripting_in_authentication.diff:
fix unsafe redirects indjango/http/__init__.py, add test case to
tests/regressiontests/httpwrappers/tests.py. Patch backport taken
from Debian Squeeze and fixed for python 2.4 compatibility.
- CVE-2012-3442
* SECURITY UPDATE: Denial-of-service in image validation (LP: #1031733)
- debian/patches/17_fix_dos_in_image_validation.diff: call verify()
immediately after the constructor in django/forms/fields.py.
- CVE-2012-3443
* SECURITY UPDATE: Denial-of-service via get_image_dimensions()
(LP: #1031733)
- debian/patches/18_fix_dos_via_get_image_dimensions.diff: don't limit
chunk size in django/core/files/images.py.
- CVE-2012-3444
(LP: #1031733)
- debian/patches/16_fix_cross_site_scripting_in_authentication.diff:
fix unsafe redirects indjango/http/__init__.py, add test case to
tests/regressiontests/httpwrappers/tests.py. Patch backport taken
from Debian Squeeze and fixed for python 2.4 compatibility.
- CVE-2012-3442
* SECURITY UPDATE: Denial-of-service in image validation (LP: #1031733)
- debian/patches/17_fix_dos_in_image_validation.diff: call verify()
immediately after the constructor in django/forms/fields.py.
- CVE-2012-3443
* SECURITY UPDATE: Denial-of-service via get_image_dimensions()
(LP: #1031733)
- debian/patches/18_fix_dos_via_get_image_dimensions.diff: don't limit
chunk size in django/core/files/images.py.
- CVE-2012-3444
- files added:
- .pc/.quilt_patches
- .pc/16_fix_cross_site_scripting_in_authentication.diff
- .pc/16_fix_cross_site_scripting_in_authentication.diff/django
- .pc/16_fix_cross_site_scripting_in_authentication.diff/django/http
- .pc/16_fix_cross_site_scripting_in_authentication.diff/tests
- .pc/16_fix_cross_site_scripting_in_authentication.diff/tests/regressiontests
- .pc/16_fix_cross_site_scripting_in_authentication.diff/tests/regressiontests/httpwrappers
- .pc/17_fix_dos_in_image_validation.diff
- .pc/17_fix_dos_in_image_validation.diff/django
- .pc/17_fix_dos_in_image_validation.diff/django/forms
- .pc/18_fix_dos_via_get_image_dimensions.diff
- .pc/18_fix_dos_via_get_image_dimensions.diff/django
- .pc/18_fix_dos_via_get_image_dimensions.diff/django/core
- .pc/18_fix_dos_via_get_image_dimensions.diff/django/core/files
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
