lp:ubuntu/oneiric/python-django

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/oneiric/python-django
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Mature

Recent revisions

35. By Colin Watson

sync up history from manually-created branch

34. By Barry Warsaw

* 09_test_view_decorator_sleep.diff increases the sleep time to
  reduce race condition effects on build machines.
  https://code.djangoproject.com/ticket/16686 (LP: #829487)
* Remove build-dep on locales-all which isn't in the Ubuntu archive.

33. By Piotr O┼╝arowski

* Team upload.

[ Chris Lamb ]
* Don't remove "backup~" test file - upstream did ship it; we were just
  removing it with dh_clean.

[ Piotr O┼╝arowski ]
* Fix builds with non-default Python versions installed
* Bump Standards-Version to 3.9.2 (no changes needed)

32. By Jamie Strandboge

* Merge from Debian for security fixes (LP: #719031). Remaining changes:
  - debian/control: don't Build-Depends on locales-all, which doesn't exist
    in natty
* Drop the following patches, now included upstream:
  - debian/patches/07_security_admin_infoleak.diff
  - debian/patches/08_security_pasword_reset_dos.diff

31. By Jamie Strandboge

* SECURITY UPDATE: information leak in admin interface
  - debian/patches/07_security_admin_infoleak.diff: validate querystring
    lookup arguments either specify only fields on the model being viewed,
    or cross relations which have been explicitly whitelisted.
  - CVE-2010-XXXX
* SECURITY UPDATE:
  - debian/patches/08_security_pasword_reset_dos.diff: adjust
    base36_to_int() function in django.utils.http will now validate the
    length of its input; on input longer than 13 digits (sufficient to
    base36-encode any 64-bit integer), it will now raise ValueError.
    Additionally, the default URL patterns for django.contrib.auth will now
    enforce a maximum length on the relevant parameters.
  - CVE-2010-XXXX

30. By Jamie Strandboge

* SECURITY UPDATE: XSS in CSRF protections. New upstream release
  - CVE-2010-3082
* debian/patches/01_disable_url_verify_regression_tests.diff:
  - updated to disable another test that fails without internet connection
  - patch based on work by Kai Kasurinen and Krzysztof Klimonda
* debian/control: don't Build-Depends on locales-all, which doesn't exist
  in maverick

29. By lamby

New upstream bugfix release.

28. By lamby

New upstream stable release.

27. By James Westby

Fix django test client cookie handling.

26. By lamby

* Remove embedded "decimal" code copy and use system version instead. The
  "doctest" code copy cannot be removed as parts of Django depend on modified
  behaviour. (Closes: #555419)
* Fix FTBFS in November by applying patch from upstream bug #12125.
  (Closes: #555931)
* Fix FTBFS under Python 2.6.3 by applying patch from upstream bug #11993.
  (Closes: #555969)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/precise/python-django
This branch contains Public information 
Everyone can see this information.

Subscribers