Viewing all changes in revision 39.
- Committer: Package Import Robot
- Date: 2012-11-09 15:56:15 UTC
- Revision ID: package-import@ubuntu.com-20121109155615-eyu2wjqqs3dua0o9
* SECURITY UPDATE: fix Host header poisoning
- debian/patches/CVE-2012-4520.diff: adjust HttpRequest.get_host() to
raise django.core.exceptions.SuspiciousOperation if Host headers contain
potentially dangerous content. Patch thanks to Mackenzie Morgan.
- CVE-2012-4520
- LP: #1068486
- debian/patches/CVE-2012-4520.diff: adjust HttpRequest.get_host() to
raise django.core.exceptions.SuspiciousOperation if Host headers contain
potentially dangerous content. Patch thanks to Mackenzie Morgan.
- CVE-2012-4520
- LP: #1068486
- files added:
- .pc/CVE-2012-4520.diff
- .pc/CVE-2012-4520.diff/django
- .pc/CVE-2012-4520.diff/django/contrib
- .pc/CVE-2012-4520.diff/django/contrib/auth
- .pc/CVE-2012-4520.diff/django/contrib/auth/tests
- .pc/CVE-2012-4520.diff/django/http
- files modified:
- .pc/applied-patches
expand all
collapse all
added
removed
