lp:~zyga/ubuntu/lucid/python-django/backport-for-launch-control

Created by Zygmunt Krynicki and last modified
Get this branch:
bzr branch lp:~zyga/ubuntu/lucid/python-django/backport-for-launch-control
Only Zygmunt Krynicki can upload to this branch.

Branch information

Owner: Zygmunt Krynicki
Status: Development

Recent revisions

34. By Zygmunt Krynicki

Add patch for django ticket 15622

33. By Zygmunt Krynicki

Backport from natty

32. By Jamie Strandboge

* Merge from Debian for security fixes (LP: #719031). Remaining changes:
  - debian/control: don't Build-Depends on locales-all, which doesn't exist
    in natty
* Drop the following patches, now included upstream:
  - debian/patches/07_security_admin_infoleak.diff
  - debian/patches/08_security_pasword_reset_dos.diff

31. By Jamie Strandboge

* SECURITY UPDATE: information leak in admin interface
  - debian/patches/07_security_admin_infoleak.diff: validate that
    querystring lookup arguments either specify only fields on the model
    being viewed, or cross relations which have been explicitly whitelisted.
  - CVE-2010-XXXX
* SECURITY UPDATE:
  - debian/patches/08_security_pasword_reset_dos.diff: the
    base36_to_int() function in django.utils.http will now validate the
    length of its input; on input longer than 13 digits (sufficient to
    base36-encode any 64-bit integer), it will now raise ValueError.
    Additionally, the default URL patterns for django.contrib.auth will now
    enforce a maximum length on the relevant parameters.
  - CVE-2010-XXXX

30. By Jamie Strandboge

* SECURITY UPDATE: XSS in CSRF protections. New upstream release
  - CVE-2010-3082
* debian/patches/01_disable_url_verify_regression_tests.diff:
  - updated to disable another test that fails without internet connection
  - patch based on work by Kai Kasurinen and Krzysztof Klimonda
* debian/control: don't Build-Depends on locales-all, which doesn't exist
  in maverick

29. By lamby

New upstream bugfix release.

28. By lamby

New upstream stable release.

27. By James Westby

Fix django test client cookie handling.

26. By lamby

* Remove embedded "decimal" code copy and use system version instead. The
  "doctest" code copy cannot be removed as parts of Django depend on modified
  behaviour. (Closes: #555419)
* Fix FTBFS in November by applying patch from upstream bug #12125.
  (Closes: #555931)
* Fix FTBFS under Python 2.6.3 by applying patch from upstream bug #11993.
  (Closes: #555969)

25. By Krzysztof Klimonda

* Merge python-django 1.1.1-1 from debian unstable (LP: #447617)
  for security and bug fixes, all Ubuntu changes merged by Debian.
* Add to debian/patches:
  - 20_python2.6.3_regression.patch - backported upstream commit 11620
    to make Django work with Python 2.6.3 properly. (LP: #445639)

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/natty/python-django
This branch contains Public information 
Everyone can see this information.