← Back to branch summary

~ubuntu-branches/ubuntu/saucy/python-django/saucy-updates

  • Committer: Package Import Robot
  • Author(s): Seth Arnold
  • Date: 2014-05-14 11:00:30 UTC
  • Revision ID: package-import@ubuntu.com-20140514110030-yhmd7dx55yxd735g
Tags: 1.5.4-1ubuntu1.3
https://launchpad.net/bugs/1317663
* SECURITY UPDATE: cache coherency problems in old Internet Explorer
  compatibility functions lead to loss of privacy and cache poisoning
  attacks. (LP: #1317663)
  - debian/patches/drop_fix_ie_for_vary_1_5.diff: remove fix_IE_for_vary()
    and fix_IE_for_attach() functions so Cache-Control and Vary headers are
    no longer modified. This may introduce some regressions for IE 6 and IE 7
    users. Patch from upstream.
  - CVE-2014-1418
* SECURITY UPDATE: The validation for redirects did not correctly validate
  some malformed URLs, which are accepted by some browsers. This allows a
  user to be redirected to an unsafe URL unexpectedly.
  - debian/patches/is_safe_url_1_5.diff: Forbid URLs starting with '///',
    forbid URLs without a host but with a path. Patch from upstream.
Filename Latest Rev Last Changed Committer Comment Size
..
modeltests 1.3.4 15 years ago Bazaar Package Importer Import upstream version 1.2~alpha1 Diff
regressiontests 1.3.4 15 years ago Bazaar Package Importer Import upstream version 1.2~alpha1 Diff
requirements 1.3.9 11 years ago Package Import Robot Import upstream version 1.5.2 Diff
templates 1.3.4 15 years ago Bazaar Package Importer Import upstream version 1.2~alpha1 Diff
.coveragerc 1.2.14 12 years ago Package Import Robot Import upstream version 1.4.2 320 bytes Diff Download File
File runtests.py 1.3.8 11 years ago Package Import Robot Import upstream version 1.5.1 13.2 KB Diff Download File
test_sqlite.py 1.3.7 11 years ago Package Import Robot Import upstream version 1.5 1.1 KB Diff Download File
urls.py 1.2.12 12 years ago Package Import Robot Import upstream version 1.4 1.1 KB Diff Download File