Ubuntu
python-django package

lp:ubuntu/natty/python-django

Natty (11.04)
natty

Created by James Westby on 2010-10-13 and last modified on 2011-02-17

Get this branch:: bzr branch lp:ubuntu/natty/python-django

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Mature

Recent revisions

32. By Jamie Strandboge on 2011-02-17: * Merge from Debian for security fixes (LP: #719031). Remaining changes:
  - debian/control: don't Build-Depends on locales-all, which doesn't exist
    in natty
* Drop the following patches, now included upstream:
  - debian/patches/07_security_admin_infoleak.diff
  - debian/patches/08_security_pasword_reset_dos.diff
31. By Jamie Strandboge on 2011-01-03: * SECURITY UPDATE: information leak in admin interface
  - debian/patches/07_security_admin_infoleak.diff: validate querystring
    lookup arguments either specify only fields on the model being viewed,
    or cross relations which have been explicitly whitelisted.
  - CVE-2010-XXXX
* SECURITY UPDATE:
  - debian/patches/08_security_pasword_reset_dos.diff: adjust
    base36_to_int() function in django.utils.http will now validate the
    length of its input; on input longer than 13 digits (sufficient to
    base36-encode any 64-bit integer), it will now raise ValueError.
    Additionally, the default URL patterns for django.contrib.auth will now
    enforce a maximum length on the relevant parameters.
  - CVE-2010-XXXX
30. By Jamie Strandboge on 2010-10-12: * SECURITY UPDATE: XSS in CSRF protections. New upstream release
  - CVE-2010-3082
* debian/patches/01_disable_url_verify_regression_tests.diff:
  - updated to disable another test that fails without internet connection
  - patch based on work by Kai Kasurinen and Krzysztof Klimonda
* debian/control: don't Build-Depends on locales-all, which doesn't exist
  in maverick
29. By lamby on 2010-05-24: New upstream bugfix release.
28. By lamby on 2010-05-21: New upstream stable release.
27. By James Westby on 2010-01-31: Fix django test client cookie handling.
26. By lamby on 2009-12-01: * Remove embedded "decimal" code copy and use system version instead. The
  "doctest" code copy cannot be removed as parts of Django depend on modified
  behaviour. (Closes: #555419)
* Fix FTBFS in November by applying patch from upstream bug #12125.
  (Closes: #555931)
* Fix FTBFS under Python 2.6.3 by applying patch from upstream bug #11993.
  (Closes: #555969)
25. By Krzysztof Klimonda on 2009-10-12: * Merge python-django 1.1.1-1 from debian unstable (LP: #447617)
  for security and bug fixes, all Ubuntu changes merged by Debian.
* Add to debian/patches:
  - 20_python2.6.3_regression.patch - backported upstream commit 11620
    to make Django work with Python 2.6.3 properly. (LP: #445639)
24. By Krzysztof Klimonda on 2009-08-15: * debian/patches/20_disable_url_verify_regression_tests.diff
- Disable regression tests that require internet connection.
23. By lamby on 2009-08-14: * Run testsuite on build.
* Use "--with quilt" over specifying $(QUILT_STAMPFN)/unpatch dependencies.
* Override clean target correctly.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/oneiric/python-django

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntupython-django package