lp:~jtaylor/ubuntu/oneiric/python-django-piston/fix-884910
Created by
Julian Taylor
and last modified
- Get this branch:
- bzr branch lp:~jtaylor/ubuntu/oneiric/python-django-piston/fix-884910
Only
Julian Taylor
can upload to this branch. If you are
Julian Taylor
please log in for upload directions.
Branch merges
Propose for merging
No branches
dependent on this one.
- Jamie Strandboge: Approve
-
Diff: 80 lines (+57/-0)4 files modifieddebian/changelog (+9/-0)
debian/patches/02-fix-yaml-load.diff (+18/-0)
debian/patches/03-fix-pickle-load.diff (+28/-0)
debian/patches/series (+2/-0)
Related source package recipes
Branch information
- Owner:
- Julian Taylor
- Status:
- Merged
Recent revisions
- 4. By Julian Taylor
-
* SECURITY UPDATE: remote code execution vulnerability. LP: #884910
- 02-fix-yaml-load. diff: use yaml.safe_load
- 03-fix-pickle- load.diff: disable unpickling, backport from 0.2.3
- https://www.djangoproj ect.com/ weblog/ 2011/nov/ 01/piston- and-tastypie- security- releases/ - 3. By Artur Rona
-
[ Leo Jackson ]
debian/control: Bump Depends on python-oauth 1.0 since we don't
have 1.0.1 yet. Fixes install problem. (LP: #653480)
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/python-django-piston
