[Secure-testing-team] Bug#596205: python-django: new minor release fixes CSRF bug
Tilman Koschnick
til at subnetz.org
Thu Sep 9 08:02:09 UTC 2010
Package: python-django
Version: 1.2.1-1
Severity: grave
Tags: security
Justification: user security hole
Hi,
the Django project released version 1.2.2, fixing a security problem in the CSRF
protection system. Details are on the Django Blog:
http://www.djangoproject.com/weblog/2010/sep/08/security-release/
Cheers, Til
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages python-django depends on:
ii python 2.6.5-13 interactive high-level object-orie
ii python-support 1.0.9 automated rebuilding support for P
Versions of packages python-django recommends:
ii libjs-jquery 1.4.2-2 JavaScript library for dynamic web
Versions of packages python-django suggests:
pn python-flup <none> (no description available)
ii python-mysqldb 1.2.2-10+b1 A Python interface to MySQL
pn python-psycopg <none> (no description available)
pn python-psycopg2 <none> (no description available)
pn python-sqlite <none> (no description available)
ii python-yaml 3.09-4 YAML parser and emitter for Python
-- no debconf information
More information about the Secure-testing-team
mailing list