[Bug 1553251] [NEW] USN-2915-1 introduced a regression in is_safe_url()

Marc Deslauriers marc.deslauriers at canonical.com
Fri Mar 4 15:58:01 UTC 2016 

*** This bug is a security vulnerability ***

Public security bug reported:

See
https://github.com/claudep/django/commit/7ee019b60ab696930c8b692bff7d29c0f4cea885

** Affects: django
     Importance: Unknown
         Status: Unknown

** Affects: python-django (Ubuntu)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Precise)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Trusty)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Wily)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Xenial)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Bug watch added: Django Bug Tracker #26308
   http://code.djangoproject.com/ticket/26308

** Also affects: django via
   http://code.djangoproject.com/ticket/26308
   Importance: Unknown
       Status: Unknown

** Also affects: python-django (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: python-django (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: python-django (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: python-django (Ubuntu Wily)
   Importance: Undecided
       Status: New

** Changed in: python-django (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Trusty)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Wily)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Xenial)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Precise)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: python-django (Ubuntu Trusty)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: python-django (Ubuntu Wily)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: python-django (Ubuntu Xenial)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to python-django in Ubuntu.
https://bugs.launchpad.net/bugs/1553251

Title:
  USN-2915-1 introduced a regression in is_safe_url()

To manage notifications about this bug go to:
https://bugs.launchpad.net/django/+bug/1553251/+subscriptions

More information about the Ubuntu-server-bugs mailing list