← Back to branch summary

~ubuntu-branches/ubuntu/saucy/python-django/saucy-updates

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-04-22 23:12:52 UTC
  • Revision ID: package-import@ubuntu.com-20140422231252-8cu8s89mk8mik8ac
Tags: 1.5.4-1ubuntu1.2
https://launchpad.net/bugs/1311433
* SECURITY REGRESSION: security fix regression when a view is a partial
  (LP: #1311433)
  - debian/patches/CVE-2014-0472-regression.patch: create the lookup_str
    from the original function whenever a partial is provided as an
    argument to a url pattern in django/core/urlresolvers.py,
    added tests to tests/regressiontests/urlpatterns_reverse/urls.py,
    tests/regressiontests/urlpatterns_reverse/views.py.
  - CVE-2014-0472

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/changelog
 
1
python-django (1.5.4-1ubuntu1.2) saucy-security; urgency=medium
 
2
 
 
3
  * SECURITY REGRESSION: security fix regression when a view is a partial
 
4
    (LP: #1311433)
 
5
    - debian/patches/CVE-2014-0472-regression.patch: create the lookup_str
 
6
      from the original function whenever a partial is provided as an
 
7
      argument to a url pattern in django/core/urlresolvers.py,
 
8
      added tests to tests/regressiontests/urlpatterns_reverse/urls.py,
 
9
      tests/regressiontests/urlpatterns_reverse/views.py.
 
10
    - CVE-2014-0472
 
11
 
 
12
 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 22 Apr 2014 23:12:52 -0400
 
13
 
1
14
python-django (1.5.4-1ubuntu1.1) saucy-security; urgency=medium
2
15
 
3
16
  * SECURITY UPDATE: unexpected code execution using reverse()