[ubuntu/wily-proposed] python-django 1.7.9-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Aug 20 20:20:14 UTC 2015 

python-django (1.7.9-1ubuntu2) wily; urgency=medium

  * SECURITY UPDATE: denial of service by filling session store
    - debian/patches/CVE-2015-596x.patch: don't create empty sessions in
      django/contrib/sessions/backends/base.py,
      django/contrib/sessions/backends/cached_db.py,
      django/contrib/sessions/middleware.py, added tests to
      django/contrib/sessions/tests.py, updated docs in
      docs/topics/http/sessions.txt.
    - CVE-2015-5963
    - CVE-2015-5964

Date: Thu, 20 Aug 2015 15:59:13 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-django/1.7.9-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 20 Aug 2015 15:59:13 -0400
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Architecture: source
Version: 1.7.9-1ubuntu2
Distribution: wily
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Changes:
 python-django (1.7.9-1ubuntu2) wily; urgency=medium
 .
   * SECURITY UPDATE: denial of service by filling session store
     - debian/patches/CVE-2015-596x.patch: don't create empty sessions in
       django/contrib/sessions/backends/base.py,
       django/contrib/sessions/backends/cached_db.py,
       django/contrib/sessions/middleware.py, added tests to
       django/contrib/sessions/tests.py, updated docs in
       docs/topics/http/sessions.txt.
     - CVE-2015-5963
     - CVE-2015-5964
Checksums-Sha1:
 7f8ec495a8f82a32115a72233be1f0c57447111b 2729 python-django_1.7.9-1ubuntu2.dsc
 dad87486c0a3514af039105cf9d6fdba251e9062 25876 python-django_1.7.9-1ubuntu2.debian.tar.xz
Checksums-Sha256:
 e316465dc4a7a845a25ce75aadcbb96970dd1514504bc936d60b472a7947ecb4 2729 python-django_1.7.9-1ubuntu2.dsc
 f348dc7824fdb7853925d4e2e7c2f746cf1beee18167bef3ace598dda83d5111 25876 python-django_1.7.9-1ubuntu2.debian.tar.xz
Files:
 f175471ce5d865c0480b559c8c63fe2a 2729 python optional python-django_1.7.9-1ubuntu2.dsc
 a162956e89935d8e313a97016e874c91 25876 python optional python-django_1.7.9-1ubuntu2.debian.tar.xz
Original-Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJV1jX/AAoJEGVp2FWnRL6TipoP/iaa7YO6CL/P2MXRNOhA0Koq
PvnqTUapNLJTgCU2SobkWttjbBRNv+A4af/7oaWOFoEgpMvB0ism3IKT7w6Fu00J
dkgv2haEI6PaNAsHSBz1mUzCGfh/QwXqh8qogNa9IAS4Vv27vteiHSUpyjff4slM
Ajlj61RX7EePMroT36Txpx8M47Kpo6djXDfS4p96IAqkDhR7VWo2kQIkF0fOgrrc
m74MyYobTDv8/zW3/YpMP5pZCCFAPKd8EXSeg2eO622RDUwzDzDOiei0eFQw8enL
1LrafFgUvHJDKtSvyAkee6s8QwrB3t/NroBXWpyWtnSa25fsekfKVY+beGK0mFIZ
udijkosdQBehaxBLLByqpAA0N5RX/T2qabkuWnTAdnpmwfzucuGNR/L7Iutw4WWm
hBkihiZB0ZeBy/9cfaSULyYta89g4kJt4OtIA/imEYML6rBVyv0z9kPt/jMa975h
1e2dHhwKzj06L9ggnBtS1EtYw4n4Kk6us3CskLQaYhuYrTadH0Obc0tns85dwiLt
67mCHOy01mDCPJhxy8rLcfsnsFPn7mGQ+B2f6As3j5y5rBDvpCbcyTYULOc5TUWk
YIFDuouG5MgpNot7S1e/YJzEYtT8WVkCDseUXXFU/wHm3q1gXsQYWR7O809NwLqt
bKRI1jLfiO6bkKs8LUmf
=JuQw
-----END PGP SIGNATURE-----

More information about the Wily-changes mailing list