Debian
python-django package

lp:debian/lenny/python-django

  1. Lenny (5.0)
  2. lenny
Created by James Westby and last modified
Get this branch:
bzr branch lp:debian/lenny/python-django
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

9. By Raphaël Hertzog

* Security upload:
  https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
* Backport the 3 patches provided for Django 1.2 to the old 1.0 version
  provided in Debian Lenny.
  Closes: #641405

8. By lamby

Add patch to fix remote denial of service by exploiting pathological
performance of regular expressions (Closes: #550457)

Upstream writes:

SECURITY ALERT: Corrected regular expressions for URL and email fields.

Certain email addresses/URLs could trigger a catastrophic backtracking
situation, causing 100% CPU and server overload. If deliberately triggered, this
could be the basis of a denial-of-service attack.

<http://www.djangoproject.com/weblog/2009/oct/09/security/>

7. By lamby

Add patch to fix issue with a maliciously crafted URL gaining access to
any file on the filesystem (Closes: #539134)

Upstream writes:

Django includes a lightweight, WSGI-based web server for use in
learning Django and in testing new applications during early stages of
development. For sake of convenience, this web server automatically
maps certain URLs corresponding to the static media files used by the
Django administrative application.

The handler which maps these URLs did not properly check the requested
URL to verify that it corresponds to a static media file used by
Django. As such, a carefully-crafted URL can cause the development
server to serve any file to which it has read access.

<http://www.djangoproject.com/weblog/2009/jul/28/security/>

6. By lamby

[ Chris Lamb ]
* New upstream bugfix release. Closes: #505783
* Add myself to Uploaders with ACK from Brett.

[ David Spreen ]
* Remove python-pysqlite2 from Recommends because Python 2.5 includes
  sqlite library used by Django. Closes: 497886

[ Sandro Tosi ]
* debian/control
  - switch Vcs-Browser field to viewsvn

5. By Raphaël Hertzog

[ David Spreen ]
* New _stable_ upstream release.

[ Raphael Hertzog ]
* This version fixes the latest security issue:
  http://www.djangoproject.com/weblog/2008/sep/02/security/
  Closes: #497765
* Don't include source files of documentation in the binary package,
  keep only the HTML version.
* Updated README.Debian with information about the switch from 0.96 to
  1.0.
* Remove execute right on /etc/bash_completion.d/django_bash_completion
* Add debian/patches/04_hyphen-manpage.diff to fix a lintian message
  (hyphen-used-as-minus-sign usr/share/man/man1/django-admin.1.gz:156).
* Don't compress javascript files.
* Add libjs-jquery to Recommends since it's used by the HTML
  documentation.

4. By Raphaël Hertzog

[ Brett Parker ]
* New upstream minor release for security bugs:
  - http://www.djangoproject.com/weblog/2007/jan/21/0951/
    - Fixes a small security vulnerability in the script Django's
      internationalization system uses to compile translation files
      (changeset 4360 in the "0.95-bugfixes" branch).
    - fix for a bug in Django's authentication middleware which could cause
      apparent "caching" of a logged-in user (changeset 4361).
    - patch which disables debugging mode in the flup FastCGI package Django
      uses to launch its FastCGI server, which prevents tracebacks from
      bubbling up during production use (changeset 4363).
  Closes: #407786, #407607
* Sets Recommends to python-psycopg and moves other database engines to
  the Suggests field.

[ Raphael Hertzog ]
* Use python-pysqlite2 as default database engine in Recommends. Others are
  in Suggests. Closes: #403761
* Add python-psycopg2 in Suggests. Closes: #407489

3. By Raphaël Hertzog

[ Piotr Ozarowski ]
* Added XS-Vcs-Svn field

[ Brett Parker ]
* Made manage.py get a shebang with the version of python
  used when running django-admin (closes: #401616)
* Created a convenience /usr/lib/python-django/bin symlink.

[ Raphael Hertzog ]
* Adapted Brett's work to better fit my views of the packaging.

2. By Raphaël Hertzog

[ Brett Parker ]
* 0.95 release - initial packaging

[ Raphael Hertzog ]
* Fix recommends: s/python-sqlite/python-pysqlite2/
* Add debian/pyversions to ensure that we have at least python 2.3 (and to
  work around bug #391689 of python-support).

1. By Raphaël Hertzog

Import upstream version 0.95

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:debian/squeeze/python-django
This branch contains Public information 
Everyone can see this information.

Subscribers