View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/python-django
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/ubuntu/dsc 2020-01-07 17:13:42 UTC 2020-01-07
DSC file for 2:2.2.9-2ubuntu1

Author: Ubuntu Git Importer
Author Date: 2020-01-07 17:13:42 UTC

DSC file for 2:2.2.9-2ubuntu1

importer/debian/dsc 2020-01-07 17:06:12 UTC 2020-01-07
DSC file for 2:3.0.2-1

Author: Ubuntu Git Importer
Author Date: 2020-01-07 17:06:12 UTC

DSC file for 2:3.0.2-1

debian/experimental 2020-01-02 16:26:48 UTC 2020-01-02
Import patches-unapplied version 2:3.0.2-1 to debian/experimental

Author: lamby
Author Date: 2020-01-02 10:52:39 UTC

Import patches-unapplied version 2:3.0.2-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 77273f6af3f219b62c14801986b9aece9135462b

New changelog entries:
  * New upstream bugfix release.
    <https://www.djangoproject.com/weblog/2020/jan/02/django-bugfix-release-302/>
  * Add python3-selenium to test-dependencies and to a runtime "Suggests".
    (Closes: #947549)

applied/debian/experimental 2020-01-02 16:26:48 UTC 2020-01-02
Import patches-applied version 2:3.0.2-1 to applied/debian/experimental

Author: lamby
Author Date: 2020-01-02 10:52:39 UTC

Import patches-applied version 2:3.0.2-1 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: 7c5158f2e3ba673aadda513babf64441aa37d0c4
Unapplied parent: 1291fd1aa499135205c0b72654a201fd80c3046c

New changelog entries:
  * New upstream bugfix release.
    <https://www.djangoproject.com/weblog/2020/jan/02/django-bugfix-release-302/>
  * Add python3-selenium to test-dependencies and to a runtime "Suggests".
    (Closes: #947549)

ubuntu/focal 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: accdbf65afb0be9095dfddc71b935851392680d1

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

applied/ubuntu/focal 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 3664e3a11ff1323e4f11caece554a6712b840fde
Unapplied parent: d0dc9947d9c0fab9d48565ab3b17c3cde9d6db52

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

applied/ubuntu/focal-proposed 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 3664e3a11ff1323e4f11caece554a6712b840fde
Unapplied parent: d0dc9947d9c0fab9d48565ab3b17c3cde9d6db52

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

applied/ubuntu/focal-devel 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 3664e3a11ff1323e4f11caece554a6712b840fde
Unapplied parent: d0dc9947d9c0fab9d48565ab3b17c3cde9d6db52

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

applied/ubuntu/devel 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-applied version 2:2.2.9-2ubuntu1 to applied/ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: 3664e3a11ff1323e4f11caece554a6712b840fde
Unapplied parent: d0dc9947d9c0fab9d48565ab3b17c3cde9d6db52

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

ubuntu/focal-proposed 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: accdbf65afb0be9095dfddc71b935851392680d1

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

ubuntu/devel 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: accdbf65afb0be9095dfddc71b935851392680d1

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

ubuntu/focal-devel 2020-01-02 13:26:07 UTC 2020-01-02
Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Author: Gianfranco Costamagna
Author Date: 2020-01-02 14:23:51 UTC

Import patches-unapplied version 2:2.2.9-2ubuntu1 to ubuntu/focal-proposed

Imported using git-ubuntu import.

Changelog parent: accdbf65afb0be9095dfddc71b935851392680d1

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - Mark a few failing tests as expected.

debian/sid 2019-12-28 16:42:40 UTC 2019-12-28
Import patches-unapplied version 2:2.2.9-2 to debian/sid

Author: lamby
Author Date: 2019-12-28 11:11:37 UTC

Import patches-unapplied version 2:2.2.9-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 214dc44dce918bf66c91ee502361f0ef3e0859f4

New changelog entries:
  * Add python3-selenium to test-dependencies and to a runtime "Suggests".
    (Closes: #947549)

applied/debian/sid 2019-12-28 16:42:40 UTC 2019-12-28
Import patches-applied version 2:2.2.9-2 to applied/debian/sid

Author: lamby
Author Date: 2019-12-28 11:11:37 UTC

Import patches-applied version 2:2.2.9-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: fee1c683079c01c387825fb5b414eeea24beb674
Unapplied parent: c085b0f7edb7f3dec2cb07eddc70418928969e8b

New changelog entries:
  * Add python3-selenium to test-dependencies and to a runtime "Suggests".
    (Closes: #947549)

applied/ubuntu/disco-updates 2019-12-19 00:49:48 UTC 2019-12-19
Import patches-applied version 1:1.11.20-1ubuntu0.3 to applied/ubuntu/disco-s...

Author: Steve Beattie
Author Date: 2019-12-18 08:42:46 UTC

Import patches-applied version 1:1.11.20-1ubuntu0.3 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: b66e2ec3b497871fed748ea44701707da2dc6640
Unapplied parent: a02113e19ea57ee09d3f41cfd50e68e502eacb03

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/disco-updates 2019-12-19 00:49:48 UTC 2019-12-19
Import patches-unapplied version 1:1.11.20-1ubuntu0.3 to ubuntu/disco-security

Author: Steve Beattie
Author Date: 2019-12-18 08:42:46 UTC

Import patches-unapplied version 1:1.11.20-1ubuntu0.3 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: d69fe366ded57da59ae12362975fe0a5f392c8b7

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/disco-devel 2019-12-19 00:49:48 UTC 2019-12-19
Import patches-applied version 1:1.11.20-1ubuntu0.3 to applied/ubuntu/disco-s...

Author: Steve Beattie
Author Date: 2019-12-18 08:42:46 UTC

Import patches-applied version 1:1.11.20-1ubuntu0.3 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: b66e2ec3b497871fed748ea44701707da2dc6640
Unapplied parent: a02113e19ea57ee09d3f41cfd50e68e502eacb03

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/disco-devel 2019-12-19 00:49:48 UTC 2019-12-19
Import patches-unapplied version 1:1.11.20-1ubuntu0.3 to ubuntu/disco-security

Author: Steve Beattie
Author Date: 2019-12-18 08:42:46 UTC

Import patches-unapplied version 1:1.11.20-1ubuntu0.3 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: d69fe366ded57da59ae12362975fe0a5f392c8b7

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/disco-security 2019-12-19 00:49:48 UTC 2019-12-19
Import patches-applied version 1:1.11.20-1ubuntu0.3 to applied/ubuntu/disco-s...

Author: Steve Beattie
Author Date: 2019-12-18 08:42:46 UTC

Import patches-applied version 1:1.11.20-1ubuntu0.3 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: b66e2ec3b497871fed748ea44701707da2dc6640
Unapplied parent: a02113e19ea57ee09d3f41cfd50e68e502eacb03

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/disco-security 2019-12-19 00:49:48 UTC 2019-12-19
Import patches-unapplied version 1:1.11.20-1ubuntu0.3 to ubuntu/disco-security

Author: Steve Beattie
Author Date: 2019-12-18 08:42:46 UTC

Import patches-unapplied version 1:1.11.20-1ubuntu0.3 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: d69fe366ded57da59ae12362975fe0a5f392c8b7

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/bionic-devel 2019-12-19 00:49:47 UTC 2019-12-19
Import patches-applied version 1:1.11.11-1ubuntu1.6 to applied/ubuntu/bionic-...

Author: Steve Beattie
Author Date: 2019-12-18 08:44:43 UTC

Import patches-applied version 1:1.11.11-1ubuntu1.6 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: ea9f8388f3f130b88a5ddb0a3feb0e8c375e559d
Unapplied parent: e84448b67da1e9cd77ffec165bab3db2a5197bb8

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/bionic-updates 2019-12-19 00:49:47 UTC 2019-12-19
Import patches-applied version 1:1.11.11-1ubuntu1.6 to applied/ubuntu/bionic-...

Author: Steve Beattie
Author Date: 2019-12-18 08:44:43 UTC

Import patches-applied version 1:1.11.11-1ubuntu1.6 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: ea9f8388f3f130b88a5ddb0a3feb0e8c375e559d
Unapplied parent: e84448b67da1e9cd77ffec165bab3db2a5197bb8

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/bionic-updates 2019-12-19 00:49:47 UTC 2019-12-19
Import patches-unapplied version 1:1.11.11-1ubuntu1.6 to ubuntu/bionic-security

Author: Steve Beattie
Author Date: 2019-12-18 08:44:43 UTC

Import patches-unapplied version 1:1.11.11-1ubuntu1.6 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 6e7c2dfe3647b7ae28535b2d88c02d97c26946b7

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/bionic-security 2019-12-19 00:49:47 UTC 2019-12-19
Import patches-applied version 1:1.11.11-1ubuntu1.6 to applied/ubuntu/bionic-...

Author: Steve Beattie
Author Date: 2019-12-18 08:44:43 UTC

Import patches-applied version 1:1.11.11-1ubuntu1.6 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: ea9f8388f3f130b88a5ddb0a3feb0e8c375e559d
Unapplied parent: e84448b67da1e9cd77ffec165bab3db2a5197bb8

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/bionic-devel 2019-12-19 00:49:47 UTC 2019-12-19
Import patches-unapplied version 1:1.11.11-1ubuntu1.6 to ubuntu/bionic-security

Author: Steve Beattie
Author Date: 2019-12-18 08:44:43 UTC

Import patches-unapplied version 1:1.11.11-1ubuntu1.6 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 6e7c2dfe3647b7ae28535b2d88c02d97c26946b7

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/bionic-security 2019-12-19 00:49:47 UTC 2019-12-19
Import patches-unapplied version 1:1.11.11-1ubuntu1.6 to ubuntu/bionic-security

Author: Steve Beattie
Author Date: 2019-12-18 08:44:43 UTC

Import patches-unapplied version 1:1.11.11-1ubuntu1.6 to ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 6e7c2dfe3647b7ae28535b2d88c02d97c26946b7

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/xenial-updates 2019-12-19 00:49:44 UTC 2019-12-19
Import patches-applied version 1.8.7-1ubuntu5.11 to applied/ubuntu/xenial-sec...

Author: Steve Beattie
Author Date: 2019-12-18 12:37:04 UTC

Import patches-applied version 1.8.7-1ubuntu5.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 08b24feaeedd6aadc629a4d95d1974351c78f4d6
Unapplied parent: 2c526ebbe03a687a38b8e5ec9fdfc926061c5b81

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/xenial-security 2019-12-19 00:49:44 UTC 2019-12-19
Import patches-unapplied version 1.8.7-1ubuntu5.11 to ubuntu/xenial-security

Author: Steve Beattie
Author Date: 2019-12-18 12:37:04 UTC

Import patches-unapplied version 1.8.7-1ubuntu5.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: e054bb1ba73ded5cbea6dc26f7492e75e86add8f

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/xenial-devel 2019-12-19 00:49:44 UTC 2019-12-19
Import patches-applied version 1.8.7-1ubuntu5.11 to applied/ubuntu/xenial-sec...

Author: Steve Beattie
Author Date: 2019-12-18 12:37:04 UTC

Import patches-applied version 1.8.7-1ubuntu5.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 08b24feaeedd6aadc629a4d95d1974351c78f4d6
Unapplied parent: 2c526ebbe03a687a38b8e5ec9fdfc926061c5b81

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/xenial-updates 2019-12-19 00:49:44 UTC 2019-12-19
Import patches-unapplied version 1.8.7-1ubuntu5.11 to ubuntu/xenial-security

Author: Steve Beattie
Author Date: 2019-12-18 12:37:04 UTC

Import patches-unapplied version 1.8.7-1ubuntu5.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: e054bb1ba73ded5cbea6dc26f7492e75e86add8f

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/xenial-devel 2019-12-19 00:49:44 UTC 2019-12-19
Import patches-unapplied version 1.8.7-1ubuntu5.11 to ubuntu/xenial-security

Author: Steve Beattie
Author Date: 2019-12-18 12:37:04 UTC

Import patches-unapplied version 1.8.7-1ubuntu5.11 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: e054bb1ba73ded5cbea6dc26f7492e75e86add8f

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/xenial-security 2019-12-19 00:49:44 UTC 2019-12-19
Import patches-applied version 1.8.7-1ubuntu5.11 to applied/ubuntu/xenial-sec...

Author: Steve Beattie
Author Date: 2019-12-18 12:37:04 UTC

Import patches-applied version 1.8.7-1ubuntu5.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 08b24feaeedd6aadc629a4d95d1974351c78f4d6
Unapplied parent: 2c526ebbe03a687a38b8e5ec9fdfc926061c5b81

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/eoan-devel 2019-12-19 00:49:43 UTC 2019-12-19
Import patches-applied version 1:1.11.22-1ubuntu1.1 to applied/ubuntu/eoan-se...

Author: Steve Beattie
Author Date: 2019-12-18 08:40:29 UTC

Import patches-applied version 1:1.11.22-1ubuntu1.1 to applied/ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 7a4aeb010df983fe49299fc5f47b721de4dfa317
Unapplied parent: 8646ec2dc5db49c503ab7cb4dbacacc228d06e18

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/eoan-security 2019-12-19 00:49:43 UTC 2019-12-19
Import patches-unapplied version 1:1.11.22-1ubuntu1.1 to ubuntu/eoan-security

Author: Steve Beattie
Author Date: 2019-12-18 08:40:29 UTC

Import patches-unapplied version 1:1.11.22-1ubuntu1.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 112c29cc4464ed11c0e665ff879d8a3ba02547e9

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/eoan-updates 2019-12-19 00:49:43 UTC 2019-12-19
Import patches-unapplied version 1:1.11.22-1ubuntu1.1 to ubuntu/eoan-security

Author: Steve Beattie
Author Date: 2019-12-18 08:40:29 UTC

Import patches-unapplied version 1:1.11.22-1ubuntu1.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 112c29cc4464ed11c0e665ff879d8a3ba02547e9

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/eoan-updates 2019-12-19 00:49:43 UTC 2019-12-19
Import patches-applied version 1:1.11.22-1ubuntu1.1 to applied/ubuntu/eoan-se...

Author: Steve Beattie
Author Date: 2019-12-18 08:40:29 UTC

Import patches-applied version 1:1.11.22-1ubuntu1.1 to applied/ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 7a4aeb010df983fe49299fc5f47b721de4dfa317
Unapplied parent: 8646ec2dc5db49c503ab7cb4dbacacc228d06e18

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

ubuntu/eoan-devel 2019-12-19 00:49:43 UTC 2019-12-19
Import patches-unapplied version 1:1.11.22-1ubuntu1.1 to ubuntu/eoan-security

Author: Steve Beattie
Author Date: 2019-12-18 08:40:29 UTC

Import patches-unapplied version 1:1.11.22-1ubuntu1.1 to ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 112c29cc4464ed11c0e665ff879d8a3ba02547e9

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/eoan-security 2019-12-19 00:49:43 UTC 2019-12-19
Import patches-applied version 1:1.11.22-1ubuntu1.1 to applied/ubuntu/eoan-se...

Author: Steve Beattie
Author Date: 2019-12-18 08:40:29 UTC

Import patches-applied version 1:1.11.22-1ubuntu1.1 to applied/ubuntu/eoan-security

Imported using git-ubuntu import.

Changelog parent: 7a4aeb010df983fe49299fc5f47b721de4dfa317
Unapplied parent: 8646ec2dc5db49c503ab7cb4dbacacc228d06e18

New changelog entries:
  * SECURITY UPDATE: Potential account hijack via password reset form
    - debian/patches/CVE-2019-19844.patch: Use verified user email for
      password reset requests.
    - CVE-2019-19844

applied/ubuntu/eoan 2019-09-19 14:39:09 UTC 2019-09-19
Import patches-applied version 1:1.11.22-1ubuntu1 to applied/ubuntu/eoan-prop...

Author: Marc Deslauriers
Author Date: 2019-09-19 16:21:15 UTC

Import patches-applied version 1:1.11.22-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: cc20d840e67ca1354449d3087090baac9b283cb8
Unapplied parent: b103daddade83d791b901e47404d5d450b0ad921

New changelog entries:
  * SECURITY UPDATE: Denial-of-service possibility in
    django.utils.text.Truncator
    - debian/patches/CVE-2019-14232.patch: adjusted regex to avoid
      backtracking issues when truncating HTML in django/utils/text.py,
      tests/template_tests/filter_tests/test_truncatewords_html.py,
      tests/utils_tests/test_text.py.
    - CVE-2019-14232
  * SECURITY UPDATE: Denial-of-service possibility in strip_tags()
    - debian/patches/CVE-2019-14233.patch: prevented excessive HTMLParser
      recursion in strip_tags() when handling incomplete HTML entities in
      django/utils/html.py, tests/utils_tests/test_html.py.
    - CVE-2019-14233
  * SECURITY UPDATE: SQL injection possibility in key and index lookups for
    JSONField/HStoreField
    - debian/patches/CVE-2019-14234.patch: protected JSONField/HStoreField
      key and index lookups against SQL injection in
      django/contrib/postgres/fields/hstore.py,
      django/contrib/postgres/fields/jsonb.py,
      tests/postgres_tests/test_hstore.py,
      tests/postgres_tests/test_json.py.
    - CVE-2019-14234
  * SECURITY UPDATE: Potential memory exhaustion in
    django.utils.encoding.uri_to_iri()
    - debian/patches/CVE-2019-14235.patch: fixed potential memory
      exhaustion in django.utils.encoding.uri_to_iri() in
      django/utils/encoding.py, tests/utils_tests/test_encoding.py.
    - CVE-2019-14235

ubuntu/eoan-proposed 2019-09-19 14:39:09 UTC 2019-09-19
Import patches-unapplied version 1:1.11.22-1ubuntu1 to ubuntu/eoan-proposed

Author: Marc Deslauriers
Author Date: 2019-09-19 16:21:15 UTC

Import patches-unapplied version 1:1.11.22-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 5b8f9eeb52aec193838eeb278e8f2c46f03f7226

New changelog entries:
  * SECURITY UPDATE: Denial-of-service possibility in
    django.utils.text.Truncator
    - debian/patches/CVE-2019-14232.patch: adjusted regex to avoid
      backtracking issues when truncating HTML in django/utils/text.py,
      tests/template_tests/filter_tests/test_truncatewords_html.py,
      tests/utils_tests/test_text.py.
    - CVE-2019-14232
  * SECURITY UPDATE: Denial-of-service possibility in strip_tags()
    - debian/patches/CVE-2019-14233.patch: prevented excessive HTMLParser
      recursion in strip_tags() when handling incomplete HTML entities in
      django/utils/html.py, tests/utils_tests/test_html.py.
    - CVE-2019-14233
  * SECURITY UPDATE: SQL injection possibility in key and index lookups for
    JSONField/HStoreField
    - debian/patches/CVE-2019-14234.patch: protected JSONField/HStoreField
      key and index lookups against SQL injection in
      django/contrib/postgres/fields/hstore.py,
      django/contrib/postgres/fields/jsonb.py,
      tests/postgres_tests/test_hstore.py,
      tests/postgres_tests/test_json.py.
    - CVE-2019-14234
  * SECURITY UPDATE: Potential memory exhaustion in
    django.utils.encoding.uri_to_iri()
    - debian/patches/CVE-2019-14235.patch: fixed potential memory
      exhaustion in django.utils.encoding.uri_to_iri() in
      django/utils/encoding.py, tests/utils_tests/test_encoding.py.
    - CVE-2019-14235

ubuntu/eoan 2019-09-19 14:39:09 UTC 2019-09-19
Import patches-unapplied version 1:1.11.22-1ubuntu1 to ubuntu/eoan-proposed

Author: Marc Deslauriers
Author Date: 2019-09-19 16:21:15 UTC

Import patches-unapplied version 1:1.11.22-1ubuntu1 to ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: 5b8f9eeb52aec193838eeb278e8f2c46f03f7226

New changelog entries:
  * SECURITY UPDATE: Denial-of-service possibility in
    django.utils.text.Truncator
    - debian/patches/CVE-2019-14232.patch: adjusted regex to avoid
      backtracking issues when truncating HTML in django/utils/text.py,
      tests/template_tests/filter_tests/test_truncatewords_html.py,
      tests/utils_tests/test_text.py.
    - CVE-2019-14232
  * SECURITY UPDATE: Denial-of-service possibility in strip_tags()
    - debian/patches/CVE-2019-14233.patch: prevented excessive HTMLParser
      recursion in strip_tags() when handling incomplete HTML entities in
      django/utils/html.py, tests/utils_tests/test_html.py.
    - CVE-2019-14233
  * SECURITY UPDATE: SQL injection possibility in key and index lookups for
    JSONField/HStoreField
    - debian/patches/CVE-2019-14234.patch: protected JSONField/HStoreField
      key and index lookups against SQL injection in
      django/contrib/postgres/fields/hstore.py,
      django/contrib/postgres/fields/jsonb.py,
      tests/postgres_tests/test_hstore.py,
      tests/postgres_tests/test_json.py.
    - CVE-2019-14234
  * SECURITY UPDATE: Potential memory exhaustion in
    django.utils.encoding.uri_to_iri()
    - debian/patches/CVE-2019-14235.patch: fixed potential memory
      exhaustion in django.utils.encoding.uri_to_iri() in
      django/utils/encoding.py, tests/utils_tests/test_encoding.py.
    - CVE-2019-14235

applied/ubuntu/eoan-proposed 2019-09-19 14:39:09 UTC 2019-09-19
Import patches-applied version 1:1.11.22-1ubuntu1 to applied/ubuntu/eoan-prop...

Author: Marc Deslauriers
Author Date: 2019-09-19 16:21:15 UTC

Import patches-applied version 1:1.11.22-1ubuntu1 to applied/ubuntu/eoan-proposed

Imported using git-ubuntu import.

Changelog parent: cc20d840e67ca1354449d3087090baac9b283cb8
Unapplied parent: b103daddade83d791b901e47404d5d450b0ad921

New changelog entries:
  * SECURITY UPDATE: Denial-of-service possibility in
    django.utils.text.Truncator
    - debian/patches/CVE-2019-14232.patch: adjusted regex to avoid
      backtracking issues when truncating HTML in django/utils/text.py,
      tests/template_tests/filter_tests/test_truncatewords_html.py,
      tests/utils_tests/test_text.py.
    - CVE-2019-14232
  * SECURITY UPDATE: Denial-of-service possibility in strip_tags()
    - debian/patches/CVE-2019-14233.patch: prevented excessive HTMLParser
      recursion in strip_tags() when handling incomplete HTML entities in
      django/utils/html.py, tests/utils_tests/test_html.py.
    - CVE-2019-14233
  * SECURITY UPDATE: SQL injection possibility in key and index lookups for
    JSONField/HStoreField
    - debian/patches/CVE-2019-14234.patch: protected JSONField/HStoreField
      key and index lookups against SQL injection in
      django/contrib/postgres/fields/hstore.py,
      django/contrib/postgres/fields/jsonb.py,
      tests/postgres_tests/test_hstore.py,
      tests/postgres_tests/test_json.py.
    - CVE-2019-14234
  * SECURITY UPDATE: Potential memory exhaustion in
    django.utils.encoding.uri_to_iri()
    - debian/patches/CVE-2019-14235.patch: fixed potential memory
      exhaustion in django.utils.encoding.uri_to_iri() in
      django/utils/encoding.py, tests/utils_tests/test_encoding.py.
    - CVE-2019-14235

debian/stretch 2019-09-07 18:03:39 UTC 2019-09-07
Import patches-unapplied version 1:1.10.7-2+deb9u6 to debian/stretch

Author: lamby
Author Date: 2019-08-08 10:42:49 UTC

Import patches-unapplied version 1:1.10.7-2+deb9u6 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 7dbd408d195062b70aeb256d0e8820e536351b12

New changelog entries:
  * Backport four security patches from upstream. (Closes: #934026)
    <https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>
    - CVE-2019-14232: Denial-of-service possibility in
      django.utils.text.Truncator
      If django.utils.text.Truncator's chars() and words() methods were passed
      the html=True argument, they were extremely slow to evaluate certain
      inputs due to a catastrophic backtracking vulnerability in a regular
      expression. The chars() and words() methods are used to implement the
      truncatechars_html and truncatewords_html template filters, which were
      thus vulnerable.
      The regular expressions used by Truncator have been simplified in order
      to avoid potential backtracking issues. As a consequence, trailing
      punctuation may now at times be included in the truncated output.
    - CVE-2019-14233: Denial-of-service possibility in strip_tags()
      Due to the behavior of the underlying HTMLParser,
      django.utils.html.strip_tags() would be extremely slow to evaluate
      certain inputs containing large sequences of nested incomplete HTML
      entities. The strip_tags() method is used to implement the corresponding
      striptags template filter, which was thus also vulnerable.
      strip_tags() now avoids recursive calls to HTMLParser when progress
      removing tags, but necessarily incomplete HTML entities, stops being
      made.
      Remember that absolutely NO guarantee is provided about the results of
      strip_tags() being HTML safe. So NEVER mark safe the result of a
      strip_tags() call without escaping it first, for example with
      django.utils.html.escape().
    - CVE-2019-14234: SQL injection possibility in key and index lookups for
      JSONField/HStoreField
      Key and index lookups for django.contrib.postgres.fields.JSONField and
      key lookups for django.contrib.postgres.fields.HStoreField were subject
      to SQL injection, using a suitably crafted dictionary, with dictionary
      expansion, as the **kwargs passed to QuerySet.filter().
    - CVE-2019-14235: Potential memory exhaustion in
      django.utils.encoding.uri_to_iri()
      If passed certain inputs, django.utils.encoding.uri_to_iri could lead to
      significant memory usage due to excessive recursion when
      re-percent-encoding invalid UTF-8 octet sequences.
      uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8
      octet sequences.
  * CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
    (Closes: #922027)
  * CVE-2019-12308: Prevent a XSS vulnerability in the Django admin via the
    AdminURLFieldWidget. (Closes: #929927)
  * CVE-2019-12781: Prevent incorrect HTTPS detection with reverse-proxies
    connecting via HTTPS. (Closes: #931316)

applied/debian/stretch 2019-09-07 18:03:39 UTC 2019-09-07
Import patches-applied version 1:1.10.7-2+deb9u6 to applied/debian/stretch

Author: lamby
Author Date: 2019-08-08 10:42:49 UTC

Import patches-applied version 1:1.10.7-2+deb9u6 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: bdd6423980a070af1315ba52d7d250a7e0513808
Unapplied parent: 9705caa15f68d81b19e76073c5554e672b5a8b80

New changelog entries:
  * Backport four security patches from upstream. (Closes: #934026)
    <https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>
    - CVE-2019-14232: Denial-of-service possibility in
      django.utils.text.Truncator
      If django.utils.text.Truncator's chars() and words() methods were passed
      the html=True argument, they were extremely slow to evaluate certain
      inputs due to a catastrophic backtracking vulnerability in a regular
      expression. The chars() and words() methods are used to implement the
      truncatechars_html and truncatewords_html template filters, which were
      thus vulnerable.
      The regular expressions used by Truncator have been simplified in order
      to avoid potential backtracking issues. As a consequence, trailing
      punctuation may now at times be included in the truncated output.
    - CVE-2019-14233: Denial-of-service possibility in strip_tags()
      Due to the behavior of the underlying HTMLParser,
      django.utils.html.strip_tags() would be extremely slow to evaluate
      certain inputs containing large sequences of nested incomplete HTML
      entities. The strip_tags() method is used to implement the corresponding
      striptags template filter, which was thus also vulnerable.
      strip_tags() now avoids recursive calls to HTMLParser when progress
      removing tags, but necessarily incomplete HTML entities, stops being
      made.
      Remember that absolutely NO guarantee is provided about the results of
      strip_tags() being HTML safe. So NEVER mark safe the result of a
      strip_tags() call without escaping it first, for example with
      django.utils.html.escape().
    - CVE-2019-14234: SQL injection possibility in key and index lookups for
      JSONField/HStoreField
      Key and index lookups for django.contrib.postgres.fields.JSONField and
      key lookups for django.contrib.postgres.fields.HStoreField were subject
      to SQL injection, using a suitably crafted dictionary, with dictionary
      expansion, as the **kwargs passed to QuerySet.filter().
    - CVE-2019-14235: Potential memory exhaustion in
      django.utils.encoding.uri_to_iri()
      If passed certain inputs, django.utils.encoding.uri_to_iri could lead to
      significant memory usage due to excessive recursion when
      re-percent-encoding invalid UTF-8 octet sequences.
      uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8
      octet sequences.
  * CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
    (Closes: #922027)
  * CVE-2019-12308: Prevent a XSS vulnerability in the Django admin via the
    AdminURLFieldWidget. (Closes: #929927)
  * CVE-2019-12781: Prevent incorrect HTTPS detection with reverse-proxies
    connecting via HTTPS. (Closes: #931316)

applied/debian/buster 2019-08-31 16:44:28 UTC 2019-08-31
Import patches-applied version 1:1.11.23-1~deb10u1 to applied/debian/sid

Author: lamby
Author Date: 2019-08-08 16:00:04 UTC

Import patches-applied version 1:1.11.23-1~deb10u1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: cc20d840e67ca1354449d3087090baac9b283cb8
Unapplied parent: fa81085fdf4f5d8d511f2569b9e93789a97dace8

New changelog entries:
  * New upstream security release.
    <https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>
    - CVE-2019-14232: Denial-of-service possibility in
      django.utils.text.Truncator
      If django.utils.text.Truncator's chars() and words() methods were passed
      the html=True argument, they were extremely slow to evaluate certain
      inputs due to a catastrophic backtracking vulnerability in a regular
      expression. The chars() and words() methods are used to implement the
      truncatechars_html and truncatewords_html template filters, which were
      thus vulnerable.
      The regular expressions used by Truncator have been simplified in order
      to avoid potential backtracking issues. As a consequence, trailing
      punctuation may now at times be included in the truncated output.
    - CVE-2019-14233: Denial-of-service possibility in strip_tags()
      Due to the behavior of the underlying HTMLParser,
      django.utils.html.strip_tags() would be extremely slow to evaluate
      certain inputs containing large sequences of nested incomplete HTML
      entities. The strip_tags() method is used to implement the corresponding
      striptags template filter, which was thus also vulnerable.
      strip_tags() now avoids recursive calls to HTMLParser when progress
      removing tags, but necessarily incomplete HTML entities, stops being
      made.
      Remember that absolutely NO guarantee is provided about the results of
      strip_tags() being HTML safe. So NEVER mark safe the result of a
      strip_tags() call without escaping it first, for example with
      django.utils.html.escape().
    - CVE-2019-14234: SQL injection possibility in key and index lookups for
      JSONField/HStoreField
      Key and index lookups for django.contrib.postgres.fields.JSONField and
      key lookups for django.contrib.postgres.fields.HStoreField were subject
      to SQL injection, using a suitably crafted dictionary, with dictionary
      expansion, as the **kwargs passed to QuerySet.filter().
    - CVE-2019-14235: Potential memory exhaustion in
      django.utils.encoding.uri_to_iri()
      If passed certain inputs, django.utils.encoding.uri_to_iri could lead to
      significant memory usage due to excessive recursion when
      re-percent-encoding invalid UTF-8 octet sequences.
      uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8
      octet sequences.
  * No-change update for buster-security.
  * Update debian/gbp.conf for new debian/buster branch.

debian/buster 2019-08-31 16:44:28 UTC 2019-08-31
Import patches-unapplied version 1:1.11.23-1~deb10u1 to debian/sid

Author: lamby
Author Date: 2019-08-08 16:00:04 UTC

Import patches-unapplied version 1:1.11.23-1~deb10u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 5b8f9eeb52aec193838eeb278e8f2c46f03f7226

New changelog entries:
  * New upstream security release.
    <https://www.djangoproject.com/weblog/2019/aug/01/security-releases/>
    - CVE-2019-14232: Denial-of-service possibility in
      django.utils.text.Truncator
      If django.utils.text.Truncator's chars() and words() methods were passed
      the html=True argument, they were extremely slow to evaluate certain
      inputs due to a catastrophic backtracking vulnerability in a regular
      expression. The chars() and words() methods are used to implement the
      truncatechars_html and truncatewords_html template filters, which were
      thus vulnerable.
      The regular expressions used by Truncator have been simplified in order
      to avoid potential backtracking issues. As a consequence, trailing
      punctuation may now at times be included in the truncated output.
    - CVE-2019-14233: Denial-of-service possibility in strip_tags()
      Due to the behavior of the underlying HTMLParser,
      django.utils.html.strip_tags() would be extremely slow to evaluate
      certain inputs containing large sequences of nested incomplete HTML
      entities. The strip_tags() method is used to implement the corresponding
      striptags template filter, which was thus also vulnerable.
      strip_tags() now avoids recursive calls to HTMLParser when progress
      removing tags, but necessarily incomplete HTML entities, stops being
      made.
      Remember that absolutely NO guarantee is provided about the results of
      strip_tags() being HTML safe. So NEVER mark safe the result of a
      strip_tags() call without escaping it first, for example with
      django.utils.html.escape().
    - CVE-2019-14234: SQL injection possibility in key and index lookups for
      JSONField/HStoreField
      Key and index lookups for django.contrib.postgres.fields.JSONField and
      key lookups for django.contrib.postgres.fields.HStoreField were subject
      to SQL injection, using a suitably crafted dictionary, with dictionary
      expansion, as the **kwargs passed to QuerySet.filter().
    - CVE-2019-14235: Potential memory exhaustion in
      django.utils.encoding.uri_to_iri()
      If passed certain inputs, django.utils.encoding.uri_to_iri could lead to
      significant memory usage due to excessive recursion when
      re-percent-encoding invalid UTF-8 octet sequences.
      uri_to_iri() now avoids recursion when re-percent-encoding invalid UTF-8
      octet sequences.
  * No-change update for buster-security.
  * Update debian/gbp.conf for new debian/buster branch.

ubuntu/cosmic-updates 2019-07-01 13:59:16 UTC 2019-07-01
Import patches-unapplied version 1:1.11.15-1ubuntu1.3 to ubuntu/cosmic-security

Author: Leonidas S. Barbosa
Author Date: 2019-06-24 13:28:11 UTC

Import patches-unapplied version 1:1.11.15-1ubuntu1.3 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 49db15e0c6ca5fb7e5f96c781ffa6e02414c0715

New changelog entries:
  * SECURITY UPDATE: Incorrect HTTP detection with reverse-proxy
    connecting via HTTPS
    - debian/patches/CVE-2019-12781.patch: made HttpRequest always
      trusty SECURE_PROXY_SSL_HEADER if set in django/http/request.py,
      docs/ref/settings.txt and added tests to tests/settings_test/tests.py.
    - CVE-2019-12781
  * SECURITY UPDATE: XSS in Django admin via AdminURLFieldWidget
    - debian/patches/CVE-2019-12308.patch: made AdminURLFieldWidget
      validate URL before rendering clickable link in
      django/contrib/admin/templates/admin/widgets/url.html,
      django/contrib/admin/widgets.py add test test/admin_widgets/tests.py.
    - CVE-2019-12308

applied/ubuntu/cosmic-updates 2019-07-01 13:59:16 UTC 2019-07-01
Import patches-applied version 1:1.11.15-1ubuntu1.3 to applied/ubuntu/cosmic-...

Author: Leonidas S. Barbosa
Author Date: 2019-06-24 13:28:11 UTC

Import patches-applied version 1:1.11.15-1ubuntu1.3 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: d90cdf9a60de0d9e3892ee773ce9c30c72d5aee9
Unapplied parent: 32e343d17ffaf50a0bd31fc1e408873f497af5bc

New changelog entries:
  * SECURITY UPDATE: Incorrect HTTP detection with reverse-proxy
    connecting via HTTPS
    - debian/patches/CVE-2019-12781.patch: made HttpRequest always
      trusty SECURE_PROXY_SSL_HEADER if set in django/http/request.py,
      docs/ref/settings.txt and added tests to tests/settings_test/tests.py.
    - CVE-2019-12781
  * SECURITY UPDATE: XSS in Django admin via AdminURLFieldWidget
    - debian/patches/CVE-2019-12308.patch: made AdminURLFieldWidget
      validate URL before rendering clickable link in
      django/contrib/admin/templates/admin/widgets/url.html,
      django/contrib/admin/widgets.py add test test/admin_widgets/tests.py.
    - CVE-2019-12308

ubuntu/cosmic-security 2019-07-01 13:59:16 UTC 2019-07-01
Import patches-unapplied version 1:1.11.15-1ubuntu1.3 to ubuntu/cosmic-security

Author: Leonidas S. Barbosa
Author Date: 2019-06-24 13:28:11 UTC

Import patches-unapplied version 1:1.11.15-1ubuntu1.3 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 49db15e0c6ca5fb7e5f96c781ffa6e02414c0715

New changelog entries:
  * SECURITY UPDATE: Incorrect HTTP detection with reverse-proxy
    connecting via HTTPS
    - debian/patches/CVE-2019-12781.patch: made HttpRequest always
      trusty SECURE_PROXY_SSL_HEADER if set in django/http/request.py,
      docs/ref/settings.txt and added tests to tests/settings_test/tests.py.
    - CVE-2019-12781
  * SECURITY UPDATE: XSS in Django admin via AdminURLFieldWidget
    - debian/patches/CVE-2019-12308.patch: made AdminURLFieldWidget
      validate URL before rendering clickable link in
      django/contrib/admin/templates/admin/widgets/url.html,
      django/contrib/admin/widgets.py add test test/admin_widgets/tests.py.
    - CVE-2019-12308

applied/ubuntu/cosmic-devel 2019-07-01 13:59:16 UTC 2019-07-01
Import patches-applied version 1:1.11.15-1ubuntu1.3 to applied/ubuntu/cosmic-...

Author: Leonidas S. Barbosa
Author Date: 2019-06-24 13:28:11 UTC

Import patches-applied version 1:1.11.15-1ubuntu1.3 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: d90cdf9a60de0d9e3892ee773ce9c30c72d5aee9
Unapplied parent: 32e343d17ffaf50a0bd31fc1e408873f497af5bc

New changelog entries:
  * SECURITY UPDATE: Incorrect HTTP detection with reverse-proxy
    connecting via HTTPS
    - debian/patches/CVE-2019-12781.patch: made HttpRequest always
      trusty SECURE_PROXY_SSL_HEADER if set in django/http/request.py,
      docs/ref/settings.txt and added tests to tests/settings_test/tests.py.
    - CVE-2019-12781
  * SECURITY UPDATE: XSS in Django admin via AdminURLFieldWidget
    - debian/patches/CVE-2019-12308.patch: made AdminURLFieldWidget
      validate URL before rendering clickable link in
      django/contrib/admin/templates/admin/widgets/url.html,
      django/contrib/admin/widgets.py add test test/admin_widgets/tests.py.
    - CVE-2019-12308

applied/ubuntu/cosmic-security 2019-07-01 13:59:16 UTC 2019-07-01
Import patches-applied version 1:1.11.15-1ubuntu1.3 to applied/ubuntu/cosmic-...

Author: Leonidas S. Barbosa
Author Date: 2019-06-24 13:28:11 UTC

Import patches-applied version 1:1.11.15-1ubuntu1.3 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: d90cdf9a60de0d9e3892ee773ce9c30c72d5aee9
Unapplied parent: 32e343d17ffaf50a0bd31fc1e408873f497af5bc

New changelog entries:
  * SECURITY UPDATE: Incorrect HTTP detection with reverse-proxy
    connecting via HTTPS
    - debian/patches/CVE-2019-12781.patch: made HttpRequest always
      trusty SECURE_PROXY_SSL_HEADER if set in django/http/request.py,
      docs/ref/settings.txt and added tests to tests/settings_test/tests.py.
    - CVE-2019-12781
  * SECURITY UPDATE: XSS in Django admin via AdminURLFieldWidget
    - debian/patches/CVE-2019-12308.patch: made AdminURLFieldWidget
      validate URL before rendering clickable link in
      django/contrib/admin/templates/admin/widgets/url.html,
      django/contrib/admin/widgets.py add test test/admin_widgets/tests.py.
    - CVE-2019-12308

ubuntu/cosmic-devel 2019-07-01 13:59:16 UTC 2019-07-01
Import patches-unapplied version 1:1.11.15-1ubuntu1.3 to ubuntu/cosmic-security

Author: Leonidas S. Barbosa
Author Date: 2019-06-24 13:28:11 UTC

Import patches-unapplied version 1:1.11.15-1ubuntu1.3 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 49db15e0c6ca5fb7e5f96c781ffa6e02414c0715

New changelog entries:
  * SECURITY UPDATE: Incorrect HTTP detection with reverse-proxy
    connecting via HTTPS
    - debian/patches/CVE-2019-12781.patch: made HttpRequest always
      trusty SECURE_PROXY_SSL_HEADER if set in django/http/request.py,
      docs/ref/settings.txt and added tests to tests/settings_test/tests.py.
    - CVE-2019-12781
  * SECURITY UPDATE: XSS in Django admin via AdminURLFieldWidget
    - debian/patches/CVE-2019-12308.patch: made AdminURLFieldWidget
      validate URL before rendering clickable link in
      django/contrib/admin/templates/admin/widgets/url.html,
      django/contrib/admin/widgets.py add test test/admin_widgets/tests.py.
    - CVE-2019-12308

ubuntu/disco 2019-02-11 22:41:39 UTC 2019-02-11
Import patches-unapplied version 1:1.11.20-1 to debian/sid

Author: lamby
Author Date: 2019-02-11 19:08:53 UTC

Import patches-unapplied version 1:1.11.20-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 36d60f80427102bf2f63bd133ff6d2773f38799a

New changelog entries:
  * New upstream security release.
    - CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
      (Closes: #922027)

applied/ubuntu/disco-proposed 2019-02-11 22:41:39 UTC 2019-02-11
Import patches-applied version 1:1.11.20-1 to applied/debian/sid

Author: lamby
Author Date: 2019-02-11 19:08:53 UTC

Import patches-applied version 1:1.11.20-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 2c20675913d95327ada44d0ca582f92febb1f07b
Unapplied parent: 16a32e3c544fbbb90d087632417d58dd061b3a98

New changelog entries:
  * New upstream security release.
    - CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
      (Closes: #922027)

applied/ubuntu/disco 2019-02-11 22:41:39 UTC 2019-02-11
Import patches-applied version 1:1.11.20-1 to applied/debian/sid

Author: lamby
Author Date: 2019-02-11 19:08:53 UTC

Import patches-applied version 1:1.11.20-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 2c20675913d95327ada44d0ca582f92febb1f07b
Unapplied parent: 16a32e3c544fbbb90d087632417d58dd061b3a98

New changelog entries:
  * New upstream security release.
    - CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
      (Closes: #922027)

ubuntu/disco-proposed 2019-02-11 22:41:39 UTC 2019-02-11
Import patches-unapplied version 1:1.11.20-1 to debian/sid

Author: lamby
Author Date: 2019-02-11 19:08:53 UTC

Import patches-unapplied version 1:1.11.20-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 36d60f80427102bf2f63bd133ff6d2773f38799a

New changelog entries:
  * New upstream security release.
    - CVE-2019-6975: Fix memory exhaustion in utils.numberformat.format().
      (Closes: #922027)

ubuntu/trusty-devel 2019-01-09 17:46:13 UTC 2019-01-09
Import patches-unapplied version 1.6.11-0ubuntu1.3 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2019-01-08 14:00:29 UTC

Import patches-unapplied version 1.6.11-0ubuntu1.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2cc80b39a7e233c5e4aa13f5cd33ac00b68881bf

New changelog entries:
  * SECURITY UPDATE: content spoofing in the default 404 page
    - debian/patches/CVE-2019-3498.patch: properly quote string in
      django/views/defaults.py.
    - CVE-2019-3498

ubuntu/trusty-updates 2019-01-09 17:46:13 UTC 2019-01-09
Import patches-unapplied version 1.6.11-0ubuntu1.3 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2019-01-08 14:00:29 UTC

Import patches-unapplied version 1.6.11-0ubuntu1.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2cc80b39a7e233c5e4aa13f5cd33ac00b68881bf

New changelog entries:
  * SECURITY UPDATE: content spoofing in the default 404 page
    - debian/patches/CVE-2019-3498.patch: properly quote string in
      django/views/defaults.py.
    - CVE-2019-3498

applied/ubuntu/trusty-security 2019-01-09 17:46:13 UTC 2019-01-09
Import patches-applied version 1.6.11-0ubuntu1.3 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2019-01-08 14:00:29 UTC

Import patches-applied version 1.6.11-0ubuntu1.3 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: e25a8bd601dcdffa8a337e501a6b3bb6cf972dc6
Unapplied parent: ea5e12dfb34fce9af7b5759fc64ae60565c98679

New changelog entries:
  * SECURITY UPDATE: content spoofing in the default 404 page
    - debian/patches/CVE-2019-3498.patch: properly quote string in
      django/views/defaults.py.
    - CVE-2019-3498

applied/ubuntu/trusty-devel 2019-01-09 17:46:13 UTC 2019-01-09
Import patches-applied version 1.6.11-0ubuntu1.3 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2019-01-08 14:00:29 UTC

Import patches-applied version 1.6.11-0ubuntu1.3 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: e25a8bd601dcdffa8a337e501a6b3bb6cf972dc6
Unapplied parent: ea5e12dfb34fce9af7b5759fc64ae60565c98679

New changelog entries:
  * SECURITY UPDATE: content spoofing in the default 404 page
    - debian/patches/CVE-2019-3498.patch: properly quote string in
      django/views/defaults.py.
    - CVE-2019-3498

ubuntu/trusty-security 2019-01-09 17:46:13 UTC 2019-01-09
Import patches-unapplied version 1.6.11-0ubuntu1.3 to ubuntu/trusty-security

Author: Marc Deslauriers
Author Date: 2019-01-08 14:00:29 UTC

Import patches-unapplied version 1.6.11-0ubuntu1.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 2cc80b39a7e233c5e4aa13f5cd33ac00b68881bf

New changelog entries:
  * SECURITY UPDATE: content spoofing in the default 404 page
    - debian/patches/CVE-2019-3498.patch: properly quote string in
      django/views/defaults.py.
    - CVE-2019-3498

applied/ubuntu/trusty-updates 2019-01-09 17:46:13 UTC 2019-01-09
Import patches-applied version 1.6.11-0ubuntu1.3 to applied/ubuntu/trusty-sec...

Author: Marc Deslauriers
Author Date: 2019-01-08 14:00:29 UTC

Import patches-applied version 1.6.11-0ubuntu1.3 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: e25a8bd601dcdffa8a337e501a6b3bb6cf972dc6
Unapplied parent: ea5e12dfb34fce9af7b5759fc64ae60565c98679

New changelog entries:
  * SECURITY UPDATE: content spoofing in the default 404 page
    - debian/patches/CVE-2019-3498.patch: properly quote string in
      django/views/defaults.py.
    - CVE-2019-3498

ubuntu/cosmic 2018-08-02 07:58:10 UTC 2018-08-02
Import patches-unapplied version 1:1.11.15-1ubuntu1 to ubuntu/cosmic-proposed

Author: Gianfranco Costamagna
Author Date: 2018-08-02 09:57:11 UTC

Import patches-unapplied version 1:1.11.15-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 9bf340504a67cc0c7973c873c75a74f8a7e9150d

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.
    - Ignore test results, seems they have been broken since a lot of time, see
      Debian bug: #891753

applied/ubuntu/cosmic-proposed 2018-08-02 07:58:10 UTC 2018-08-02
Import patches-applied version 1:1.11.15-1ubuntu1 to applied/ubuntu/cosmic-pr...

Author: Gianfranco Costamagna
Author Date: 2018-08-02 09:57:11 UTC

Import patches-applied version 1:1.11.15-1ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 116258b943de5f4dd19414e52033e116b5cb8fe7
Unapplied parent: b265fdf8b380bd6fa871fa6ae4f0b14d565318ba

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.
    - Ignore test results, seems they have been broken since a lot of time, see
      Debian bug: #891753

ubuntu/cosmic-proposed 2018-08-02 07:58:10 UTC 2018-08-02
Import patches-unapplied version 1:1.11.15-1ubuntu1 to ubuntu/cosmic-proposed

Author: Gianfranco Costamagna
Author Date: 2018-08-02 09:57:11 UTC

Import patches-unapplied version 1:1.11.15-1ubuntu1 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 9bf340504a67cc0c7973c873c75a74f8a7e9150d

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.
    - Ignore test results, seems they have been broken since a lot of time, see
      Debian bug: #891753

applied/ubuntu/cosmic 2018-08-02 07:58:10 UTC 2018-08-02
Import patches-applied version 1:1.11.15-1ubuntu1 to applied/ubuntu/cosmic-pr...

Author: Gianfranco Costamagna
Author Date: 2018-08-02 09:57:11 UTC

Import patches-applied version 1:1.11.15-1ubuntu1 to applied/ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 116258b943de5f4dd19414e52033e116b5cb8fe7
Unapplied parent: b265fdf8b380bd6fa871fa6ae4f0b14d565318ba

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.
    - Ignore test results, seems they have been broken since a lot of time, see
      Debian bug: #891753

applied/debian/jessie 2018-06-23 17:26:32 UTC 2018-06-23
Import patches-applied version 1.7.11-1+deb8u3 to applied/debian/jessie

Author: Brian May
Author Date: 2018-03-30 12:24:14 UTC

Import patches-applied version 1.7.11-1+deb8u3 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 14366b95a1dfc2ce985374045cf135bfd73ef32d
Unapplied parent: df4b28fddd6a96879592c721d7c7f1c6615d7834

New changelog entries:
  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2018-7536: Denial-of-service possibility in ``urlize`` and
    ``urlizetrunc`` template filters
  * Fix CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html``
    and ``truncatewords_html`` template filters

debian/jessie 2018-06-23 17:26:32 UTC 2018-06-23
Import patches-unapplied version 1.7.11-1+deb8u3 to debian/jessie

Author: Brian May
Author Date: 2018-03-30 12:24:14 UTC

Import patches-unapplied version 1.7.11-1+deb8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 16976c2b9bfb4b5489da2d66e0388b1cde47882b

New changelog entries:
  * Non-maintainer upload by the LTS Team.
  * Fix CVE-2018-7536: Denial-of-service possibility in ``urlize`` and
    ``urlizetrunc`` template filters
  * Fix CVE-2018-7537: Denial-of-service possibility in ``truncatechars_html``
    and ``truncatewords_html`` template filters

importer/debian/pristine-tar 2018-04-06 05:49:27 UTC 2018-04-06
pristine-tar data for python-django_1.11.12.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-04-06 05:49:27 UTC

pristine-tar data for python-django_1.11.12.orig.tar.gz

importer/ubuntu/pristine-tar 2018-03-21 15:02:24 UTC 2018-03-21
pristine-tar data for python-django_1.11.11.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-21 15:02:24 UTC

pristine-tar data for python-django_1.11.11.orig.tar.gz

ubuntu/bionic 2018-03-21 14:43:52 UTC 2018-03-21
Import patches-unapplied version 1:1.11.11-1ubuntu1 to ubuntu/bionic-proposed

Author: Marc Deslauriers
Author Date: 2018-03-21 13:42:10 UTC

Import patches-unapplied version 1:1.11.11-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 4e6c5d1a9dc80441a3293781919c916dbb8788d2

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

applied/ubuntu/bionic 2018-03-21 14:43:52 UTC 2018-03-21
Import patches-applied version 1:1.11.11-1ubuntu1 to applied/ubuntu/bionic-pr...

Author: Marc Deslauriers
Author Date: 2018-03-21 13:42:10 UTC

Import patches-applied version 1:1.11.11-1ubuntu1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 688dd68662070d7d602a7442d7c4eca7c9fbf7e6
Unapplied parent: dd7cde554c2ee5f9e071bcc3dd45d3ae024dd613

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

ubuntu/bionic-proposed 2018-03-21 14:43:52 UTC 2018-03-21
Import patches-unapplied version 1:1.11.11-1ubuntu1 to ubuntu/bionic-proposed

Author: Marc Deslauriers
Author Date: 2018-03-21 13:42:10 UTC

Import patches-unapplied version 1:1.11.11-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 4e6c5d1a9dc80441a3293781919c916dbb8788d2

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

applied/ubuntu/bionic-proposed 2018-03-21 14:43:52 UTC 2018-03-21
Import patches-applied version 1:1.11.11-1ubuntu1 to applied/ubuntu/bionic-pr...

Author: Marc Deslauriers
Author Date: 2018-03-21 13:42:10 UTC

Import patches-applied version 1:1.11.11-1ubuntu1 to applied/ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 688dd68662070d7d602a7442d7c4eca7c9fbf7e6
Unapplied parent: dd7cde554c2ee5f9e071bcc3dd45d3ae024dd613

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

applied/ubuntu/artful-updates 2018-03-06 15:48:26 UTC 2018-03-06
Import patches-applied version 1:1.11.4-1ubuntu1.2 to applied/ubuntu/artful-s...

Author: Marc Deslauriers
Author Date: 2018-03-05 13:32:00 UTC

Import patches-applied version 1:1.11.4-1ubuntu1.2 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 48e37c50860c1f9d7245a46d89ef5f9ff157b817
Unapplied parent: 4345f88560b391b0086fbd32dada87637b16803f

New changelog entries:
  * SECURITY UPDATE: DoS in urlize and urlizetrunc template filters
    - debian/patches/CVE-2018-7536.patch: fix backtracking in
      django/utils/html.py, add test to tests/utils_tests/test_html.py.
    - CVE-2018-7536
  * SECURITY UPDATE: DoS in truncatechars_html and truncatewords_html
    template filters
    - debian/patches/CVE-2018-7537.patch: fix backtracking in
      django/utils/text.py, add test to tests/utils_tests/test_text.py.
    - CVE-2018-7537

applied/ubuntu/artful-security 2018-03-06 15:48:26 UTC 2018-03-06
Import patches-applied version 1:1.11.4-1ubuntu1.2 to applied/ubuntu/artful-s...

Author: Marc Deslauriers
Author Date: 2018-03-05 13:32:00 UTC

Import patches-applied version 1:1.11.4-1ubuntu1.2 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 48e37c50860c1f9d7245a46d89ef5f9ff157b817
Unapplied parent: 4345f88560b391b0086fbd32dada87637b16803f

New changelog entries:
  * SECURITY UPDATE: DoS in urlize and urlizetrunc template filters
    - debian/patches/CVE-2018-7536.patch: fix backtracking in
      django/utils/html.py, add test to tests/utils_tests/test_html.py.
    - CVE-2018-7536
  * SECURITY UPDATE: DoS in truncatechars_html and truncatewords_html
    template filters
    - debian/patches/CVE-2018-7537.patch: fix backtracking in
      django/utils/text.py, add test to tests/utils_tests/test_text.py.
    - CVE-2018-7537

ubuntu/artful-updates 2018-03-06 15:48:26 UTC 2018-03-06
Import patches-unapplied version 1:1.11.4-1ubuntu1.2 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-03-05 13:32:00 UTC

Import patches-unapplied version 1:1.11.4-1ubuntu1.2 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 7a6bfe99ac77ac4c8a402cdd7cdc59aec7e9494a

New changelog entries:
  * SECURITY UPDATE: DoS in urlize and urlizetrunc template filters
    - debian/patches/CVE-2018-7536.patch: fix backtracking in
      django/utils/html.py, add test to tests/utils_tests/test_html.py.
    - CVE-2018-7536
  * SECURITY UPDATE: DoS in truncatechars_html and truncatewords_html
    template filters
    - debian/patches/CVE-2018-7537.patch: fix backtracking in
      django/utils/text.py, add test to tests/utils_tests/test_text.py.
    - CVE-2018-7537

ubuntu/artful-security 2018-03-06 15:48:26 UTC 2018-03-06
Import patches-unapplied version 1:1.11.4-1ubuntu1.2 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-03-05 13:32:00 UTC

Import patches-unapplied version 1:1.11.4-1ubuntu1.2 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 7a6bfe99ac77ac4c8a402cdd7cdc59aec7e9494a

New changelog entries:
  * SECURITY UPDATE: DoS in urlize and urlizetrunc template filters
    - debian/patches/CVE-2018-7536.patch: fix backtracking in
      django/utils/html.py, add test to tests/utils_tests/test_html.py.
    - CVE-2018-7536
  * SECURITY UPDATE: DoS in truncatechars_html and truncatewords_html
    template filters
    - debian/patches/CVE-2018-7537.patch: fix backtracking in
      django/utils/text.py, add test to tests/utils_tests/test_text.py.
    - CVE-2018-7537

applied/ubuntu/artful-devel 2018-03-06 15:48:26 UTC 2018-03-06
Import patches-applied version 1:1.11.4-1ubuntu1.2 to applied/ubuntu/artful-s...

Author: Marc Deslauriers
Author Date: 2018-03-05 13:32:00 UTC

Import patches-applied version 1:1.11.4-1ubuntu1.2 to applied/ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 48e37c50860c1f9d7245a46d89ef5f9ff157b817
Unapplied parent: 4345f88560b391b0086fbd32dada87637b16803f

New changelog entries:
  * SECURITY UPDATE: DoS in urlize and urlizetrunc template filters
    - debian/patches/CVE-2018-7536.patch: fix backtracking in
      django/utils/html.py, add test to tests/utils_tests/test_html.py.
    - CVE-2018-7536
  * SECURITY UPDATE: DoS in truncatechars_html and truncatewords_html
    template filters
    - debian/patches/CVE-2018-7537.patch: fix backtracking in
      django/utils/text.py, add test to tests/utils_tests/test_text.py.
    - CVE-2018-7537

ubuntu/artful-devel 2018-03-06 15:48:26 UTC 2018-03-06
Import patches-unapplied version 1:1.11.4-1ubuntu1.2 to ubuntu/artful-security

Author: Marc Deslauriers
Author Date: 2018-03-05 13:32:00 UTC

Import patches-unapplied version 1:1.11.4-1ubuntu1.2 to ubuntu/artful-security

Imported using git-ubuntu import.

Changelog parent: 7a6bfe99ac77ac4c8a402cdd7cdc59aec7e9494a

New changelog entries:
  * SECURITY UPDATE: DoS in urlize and urlizetrunc template filters
    - debian/patches/CVE-2018-7536.patch: fix backtracking in
      django/utils/html.py, add test to tests/utils_tests/test_html.py.
    - CVE-2018-7536
  * SECURITY UPDATE: DoS in truncatechars_html and truncatewords_html
    template filters
    - debian/patches/CVE-2018-7537.patch: fix backtracking in
      django/utils/text.py, add test to tests/utils_tests/test_text.py.
    - CVE-2018-7537

ubuntu/artful-proposed 2017-08-09 16:08:46 UTC 2017-08-09
Import patches-unapplied version 1:1.11.4-1ubuntu1 to ubuntu/artful-proposed

Author: Steve Langasek
Author Date: 2017-08-09 15:49:41 UTC

Import patches-unapplied version 1:1.11.4-1ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 6814f5fd10ae8ca7dfaa94bc49e25ff1c7fc7b18

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

applied/ubuntu/artful-proposed 2017-08-09 16:08:46 UTC 2017-08-09
Import patches-applied version 1:1.11.4-1ubuntu1 to applied/ubuntu/artful-pro...

Author: Steve Langasek
Author Date: 2017-08-09 15:49:41 UTC

Import patches-applied version 1:1.11.4-1ubuntu1 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 3d4974fdf548cb131f7b358511c9319f005ed579
Unapplied parent: b05896a28508dbccf7f64fd89840a83ca0576ec9

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

ubuntu/artful 2017-08-09 16:08:46 UTC 2017-08-09
Import patches-unapplied version 1:1.11.4-1ubuntu1 to ubuntu/artful-proposed

Author: Steve Langasek
Author Date: 2017-08-09 15:49:41 UTC

Import patches-unapplied version 1:1.11.4-1ubuntu1 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 6814f5fd10ae8ca7dfaa94bc49e25ff1c7fc7b18

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

applied/ubuntu/artful 2017-08-09 16:08:46 UTC 2017-08-09
Import patches-applied version 1:1.11.4-1ubuntu1 to applied/ubuntu/artful-pro...

Author: Steve Langasek
Author Date: 2017-08-09 15:49:41 UTC

Import patches-applied version 1:1.11.4-1ubuntu1 to applied/ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 3d4974fdf548cb131f7b358511c9319f005ed579
Unapplied parent: b05896a28508dbccf7f64fd89840a83ca0576ec9

New changelog entries:
  * Merge from Debian unstable. Remaining changes:
    - debian/patches/pymysql-replacement.patch: Use pymysql as drop in
      replacement for MySQLdb.
    - debian/control: Drop python-mysqldb in favor of python-pymysql.

ubuntu/zesty 2017-04-05 09:58:39 UTC 2017-04-05
Import patches-unapplied version 1.8.7-1ubuntu11 to ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-04-03 14:32:55 UTC

Import patches-unapplied version 1.8.7-1ubuntu11 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 66a182199eba108ad31c9f29058f06a4bb96ded7

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

ubuntu/zesty-devel 2017-04-05 09:58:39 UTC 2017-04-05
Import patches-unapplied version 1.8.7-1ubuntu11 to ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-04-03 14:32:55 UTC

Import patches-unapplied version 1.8.7-1ubuntu11 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 66a182199eba108ad31c9f29058f06a4bb96ded7

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/zesty 2017-04-05 09:58:39 UTC 2017-04-05
Import patches-applied version 1.8.7-1ubuntu11 to applied/ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-04-03 14:32:55 UTC

Import patches-applied version 1.8.7-1ubuntu11 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 98a0832a5b75ee09f953a308eb02dfca8ee13e3d
Unapplied parent: 3594e43d0a8e1113f4877b6b5d37d9315e6c28b4

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/zesty-proposed 2017-04-05 09:58:39 UTC 2017-04-05
Import patches-applied version 1.8.7-1ubuntu11 to applied/ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-04-03 14:32:55 UTC

Import patches-applied version 1.8.7-1ubuntu11 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 98a0832a5b75ee09f953a308eb02dfca8ee13e3d
Unapplied parent: 3594e43d0a8e1113f4877b6b5d37d9315e6c28b4

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/zesty-devel 2017-04-05 09:58:39 UTC 2017-04-05
Import patches-applied version 1.8.7-1ubuntu11 to applied/ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-04-03 14:32:55 UTC

Import patches-applied version 1.8.7-1ubuntu11 to applied/ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 98a0832a5b75ee09f953a308eb02dfca8ee13e3d
Unapplied parent: 3594e43d0a8e1113f4877b6b5d37d9315e6c28b4

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

ubuntu/zesty-proposed 2017-04-05 09:58:39 UTC 2017-04-05
Import patches-unapplied version 1.8.7-1ubuntu11 to ubuntu/zesty-proposed

Author: Marc Deslauriers
Author Date: 2017-04-03 14:32:55 UTC

Import patches-unapplied version 1.8.7-1ubuntu11 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 66a182199eba108ad31c9f29058f06a4bb96ded7

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/yakkety-devel 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-applied version 1.8.7-1ubuntu8.2 to applied/ubuntu/yakkety-sec...

Author: Marc Deslauriers
Author Date: 2017-03-29 11:32:39 UTC

Import patches-applied version 1.8.7-1ubuntu8.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: c6016f86d01e0d0dc0bb4459a36274c447aa2f8a
Unapplied parent: 6a6b56d36dfa515536df9c078c3f24ff0c6b9a34

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/yakkety-security 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-applied version 1.8.7-1ubuntu8.2 to applied/ubuntu/yakkety-sec...

Author: Marc Deslauriers
Author Date: 2017-03-29 11:32:39 UTC

Import patches-applied version 1.8.7-1ubuntu8.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: c6016f86d01e0d0dc0bb4459a36274c447aa2f8a
Unapplied parent: 6a6b56d36dfa515536df9c078c3f24ff0c6b9a34

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

ubuntu/yakkety-updates 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-unapplied version 1.8.7-1ubuntu8.2 to ubuntu/yakkety-security

Author: Marc Deslauriers
Author Date: 2017-03-29 11:32:39 UTC

Import patches-unapplied version 1.8.7-1ubuntu8.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: bf580ff63b7dc221b1d7440695bee3f304e5c012

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

ubuntu/precise-security 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-unapplied version 1.3.1-4ubuntu1.23 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2017-03-29 11:49:05 UTC

Import patches-unapplied version 1.3.1-4ubuntu1.23 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0df8b64806c3774771158be29312dd0089eab1a2

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/regressiontests/utils/http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

ubuntu/precise-updates 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-unapplied version 1.3.1-4ubuntu1.23 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2017-03-29 11:49:05 UTC

Import patches-unapplied version 1.3.1-4ubuntu1.23 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0df8b64806c3774771158be29312dd0089eab1a2

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/regressiontests/utils/http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/yakkety-updates 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-applied version 1.8.7-1ubuntu8.2 to applied/ubuntu/yakkety-sec...

Author: Marc Deslauriers
Author Date: 2017-03-29 11:32:39 UTC

Import patches-applied version 1.8.7-1ubuntu8.2 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: c6016f86d01e0d0dc0bb4459a36274c447aa2f8a
Unapplied parent: 6a6b56d36dfa515536df9c078c3f24ff0c6b9a34

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/utils_tests/test_http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/precise-updates 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-applied version 1.3.1-4ubuntu1.23 to applied/ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-03-29 11:49:05 UTC

Import patches-applied version 1.3.1-4ubuntu1.23 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4bd5c0bf930f731eb0d184e6609f737d9bb6106d
Unapplied parent: d0fd7a55546a215e41a7cc5289e23d02d69730e0

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/regressiontests/utils/http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/precise-security 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-applied version 1.3.1-4ubuntu1.23 to applied/ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-03-29 11:49:05 UTC

Import patches-applied version 1.3.1-4ubuntu1.23 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4bd5c0bf930f731eb0d184e6609f737d9bb6106d
Unapplied parent: d0fd7a55546a215e41a7cc5289e23d02d69730e0

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/regressiontests/utils/http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

applied/ubuntu/precise-devel 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-applied version 1.3.1-4ubuntu1.23 to applied/ubuntu/precise-se...

Author: Marc Deslauriers
Author Date: 2017-03-29 11:49:05 UTC

Import patches-applied version 1.3.1-4ubuntu1.23 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4bd5c0bf930f731eb0d184e6609f737d9bb6106d
Unapplied parent: d0fd7a55546a215e41a7cc5289e23d02d69730e0

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/regressiontests/utils/http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

ubuntu/precise-devel 2017-04-04 17:23:44 UTC 2017-04-04
Import patches-unapplied version 1.3.1-4ubuntu1.23 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2017-03-29 11:49:05 UTC

Import patches-unapplied version 1.3.1-4ubuntu1.23 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 0df8b64806c3774771158be29312dd0089eab1a2

New changelog entries:
  * SECURITY UPDATE: Open redirect and possible XSS attack via
    user-supplied numeric redirect URLs
    - debian/patches/CVE-2017-7233.patch: fix is_safe_url() with numeric
      URLs in django/utils/http.py, added tests to
      tests/regressiontests/utils/http.py.
    - CVE-2017-7233
  * SECURITY UPDATE: Open redirect vulnerability in
    django.views.static.serve()
    - debian/patches/CVE-2017-7234.patch: remove redirect from
      django/views/static.py.
    - CVE-2017-7234

1100 of 264 results

Other repositories

Name Last Modified
lp:ubuntu/+source/python-django 2020-01-07
lp:~nacc/ubuntu/+source/python-django 2016-07-14
12 of 2 results
You can't create new repositories for python-django in Ubuntu.