Ubuntu
python-django package

Branches for Precise

Name Status Last Modified Last Commit
lp:ubuntu/precise/python-django bug 2 Mature 2012-02-17 15:44:37 UTC
37. * Merge with Debian. Remaining chang...

Author: Dave Walker
Revision Date: 2012-02-17 14:59:51 UTC

* Merge with Debian. Remaining changes:
  - 09_test_view_decorator_sleep.diff increases the sleep time to
    reduce race condition effects on build machines.
    https://code.djangoproject.com/ticket/16686 (LP: #829487)
* debian/patches/{psycopg2_creation.diff,compat-psycopg2-plus2.4.2.diff}:
  - New patches, resolve compatibility with psycopg2 > 2.4.1, patches
    based on upstream submissions, rebasing courtesy of Dave Pifke.
  - LP: #905837
lp:ubuntu/precise-proposed/python-django bug 2 Mature 2013-03-07 17:27:06 UTC
42. [ Julian Edwards ] * debian/patches: ...

Author: Andres Rodriguez
Revision Date: 2013-03-07 17:27:06 UTC

[ Julian Edwards ]
* debian/patches:
  - prefetch_related.diff: Backport prefetch_related from 1.4 (LP: #1081388)
  - bug15496-base64-multipart-fix.diff: Include fix for upstream bug #15496
    which makes 'Content-Transfer-Encoding: base64: work for multipart
    messages. (LP: #1081392)
lp:ubuntu/precise-security/python-django bug 2 Mature 2014-09-09 14:37:19 UTC
46. * SECURITY UPDATE: incorrect url vali...

Author: Marc Deslauriers
Revision Date: 2014-09-09 14:37:19 UTC

* SECURITY UPDATE: incorrect url validation in core.urlresolvers.reverse
  - debian/patches/CVE-2014-0480.patch: prevent reverse() from generating
    URLs pointing to other hosts in django/core/urlresolvers.py, added
    tests to tests/regressiontests/urlpatterns_reverse/{tests,urls}.py.
  - CVE-2014-0480
* SECURITY UPDATE: denial of service via file upload handling
  - debian/patches/CVE-2014-0481.patch: remove O(n) algorithm in
    django/core/files/storage.py, updated docs in
    docs/howto/custom-file-storage.txt, docs/ref/files/storage.txt,
    added tests to tests/modeltests/files/tests.py,
    tests/regressiontests/file_storage/tests.py, backport
    get_random_string() to django/utils/crypto.py.
  - CVE-2014-0481
* SECURITY UPDATE: web session hijack via REMOTE_USER header
  - debian/patches/CVE-2014-0482.patch: modified RemoteUserMiddleware to
    logout on REMOTE_USE change in django/contrib/auth/middleware.py,
    added test to django/contrib/auth/tests/remote_user.py.
  - CVE-2014-0482
* SECURITY UPDATE: data leak in contrib.admin via query string manipulation
  - debian/patches/CVE-2014-0483.patch: validate to_field in
    django/contrib/admin/{options,exceptions}.py,
    django/contrib/admin/views/main.py, added tests to
    tests/regressiontests/admin_views/tests.py.
  - debian/patches/CVE-2014-0483-bug23329.patch: regression fix in
    django/contrib/admin/options.py, added tests to
    tests/regressiontests/admin_views/{models,tests}.py.
  - debian/patches/CVE-2014-0483-bug23431.patch: regression fix in
    django/contrib/admin/options.py, added tests to
    tests/regressiontests/admin_views/{models,tests}.py.
  - CVE-2014-0483
lp:ubuntu/precise-updates/python-django bug 2 Mature 2014-09-09 14:37:19 UTC
48. * SECURITY UPDATE: incorrect url vali...

Author: Marc Deslauriers
Revision Date: 2014-09-09 14:37:19 UTC

* SECURITY UPDATE: incorrect url validation in core.urlresolvers.reverse
  - debian/patches/CVE-2014-0480.patch: prevent reverse() from generating
    URLs pointing to other hosts in django/core/urlresolvers.py, added
    tests to tests/regressiontests/urlpatterns_reverse/{tests,urls}.py.
  - CVE-2014-0480
* SECURITY UPDATE: denial of service via file upload handling
  - debian/patches/CVE-2014-0481.patch: remove O(n) algorithm in
    django/core/files/storage.py, updated docs in
    docs/howto/custom-file-storage.txt, docs/ref/files/storage.txt,
    added tests to tests/modeltests/files/tests.py,
    tests/regressiontests/file_storage/tests.py, backport
    get_random_string() to django/utils/crypto.py.
  - CVE-2014-0481
* SECURITY UPDATE: web session hijack via REMOTE_USER header
  - debian/patches/CVE-2014-0482.patch: modified RemoteUserMiddleware to
    logout on REMOTE_USE change in django/contrib/auth/middleware.py,
    added test to django/contrib/auth/tests/remote_user.py.
  - CVE-2014-0482
* SECURITY UPDATE: data leak in contrib.admin via query string manipulation
  - debian/patches/CVE-2014-0483.patch: validate to_field in
    django/contrib/admin/{options,exceptions}.py,
    django/contrib/admin/views/main.py, added tests to
    tests/regressiontests/admin_views/tests.py.
  - debian/patches/CVE-2014-0483-bug23329.patch: regression fix in
    django/contrib/admin/options.py, added tests to
    tests/regressiontests/admin_views/{models,tests}.py.
  - debian/patches/CVE-2014-0483-bug23431.patch: regression fix in
    django/contrib/admin/options.py, added tests to
    tests/regressiontests/admin_views/{models,tests}.py.
  - CVE-2014-0483
lp:~ubuntu-branches/ubuntu/precise/python-django/precise-201110201022 (Has a merge proposal) 1 Development 2011-10-20 10:22:46 UTC
35. sync up history from manually-created...

Author: Colin Watson
Revision Date: 2011-09-07 11:04:19 UTC

sync up history from manually-created branch
15 of 5 results FirstPreviousNextLast