Branches for Karmic

Author: Jamie Strandboge
Revision Date: 2011-02-15 17:18:54 UTC

* SECURITY UPDATE: flaw in CSRF handling (LP: #719031)
  - debian/patches/24_CVE-2011-0696.diff: apply full CSRF validation to all
    requests, regardless of apparent AJAX origin. This is technically
    backwards-incompatible, but the security risks have been judged to
    outweigh the compatibility concerns in this case. See the Django project
    notes for more information:
    http://www.djangoproject.com/weblog/2011/feb/08/security/
  - CVE-2011-0696
* SECURITY UPDATE: potential XSS in file field rendering
  - debian/patches/25_CVE-2011-0697.diff: properly escape URL in
    django/contrib/admin/widgets.py
  - CVE-2011-0697

Author: Jamie Strandboge
Revision Date: 2011-02-15 17:18:54 UTC

* SECURITY UPDATE: flaw in CSRF handling (LP: #719031)
  - debian/patches/24_CVE-2011-0696.diff: apply full CSRF validation to all
    requests, regardless of apparent AJAX origin. This is technically
    backwards-incompatible, but the security risks have been judged to
    outweigh the compatibility concerns in this case. See the Django project
    notes for more information:
    http://www.djangoproject.com/weblog/2011/feb/08/security/
  - CVE-2011-0696
* SECURITY UPDATE: potential XSS in file field rendering
  - debian/patches/25_CVE-2011-0697.diff: properly escape URL in
    django/contrib/admin/widgets.py
  - CVE-2011-0697

Author: Krzysztof Klimonda
Revision Date: 2009-10-12 19:22:16 UTC

* Merge python-django 1.1.1-1 from debian unstable (LP: #447617)
  for security and bug fixes, all Ubuntu changes merged by Debian.
* Add to debian/patches:
  - 20_python2.6.3_regression.patch - backported upstream commit 11620
    to make Django work with Python 2.6.3 properly. (LP: #445639)