Your message dated Sun, 05 Oct 2008 19:52:22 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#497765: fixed in python-django 0.95.1-1etch2
has caused the Debian Bug report #497765,
regarding Cross-site request forgery
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
497765: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497765
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: python-django
Severity: grave
Version: 0.95.1-1
Tags: security
All details are in http://www.djangoproject.com/weblog/2008/sep/02/security/
This affects stable/testing/unstable.
Unstable will be fixed shortly with the 1.0 version and hopefully, Lenny
will benefit from it. We need to release 0.95.1-1etch2 with the changes
from 0.95.4.
Cheers,
--
Raphaël Hertzog
Le best-seller français mis à jour pour Debian Etch :
http://www.ouaza.com/livre/admin-debian/
--- End Message ---
--- Begin Message ---
Source: python-django
Source-Version: 0.95.1-1etch2
We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive:
python-django_0.95.1-1etch2.diff.gz
to pool/main/p/python-django/python-django_0.95.1-1etch2.diff.gz
python-django_0.95.1-1etch2.dsc
to pool/main/p/python-django/python-django_0.95.1-1etch2.dsc
python-django_0.95.1-1etch2_all.deb
to pool/main/p/python-django/python-django_0.95.1-1etch2_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Spreen <[EMAIL PROTECTED]> (supplier of updated python-django package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 19 Sep 2008 17:11:55 PDT
Source: python-django
Binary: python-django
Architecture: source all
Version: 0.95.1-1etch2
Distribution: stable-security
Urgency: low
Maintainer: David Spreen <[EMAIL PROTECTED]>
Changed-By: David Spreen <[EMAIL PROTECTED]>
Description:
python-django - A high-level Python Web framework
Closes: 448838 497765
Changes:
python-django (0.95.1-1etch2) stable-security; urgency=low
.
* debian/patches/04_csrf_fix.diff
- Fixes cross-site request forgery vulnerability.
http://www.djangoproject.com/weblog/2008/sep/02/security/
Closes: 497765
* debian/patches/05_i18n_dos_fix.diff.
- Fixes denial of service vulnerability (CVE-2007-5712).
Closes: 448838
Files:
62d31adf6a658ab089df66916148d2d8 940 python optional
python-django_0.95.1-1etch2.dsc
6e5e17af4148911137b1a8aebaa8096c 8069 python optional
python-django_0.95.1-1etch2.diff.gz
93417b16a120eada12b807b8372cc858 1025742 python optional
python-django_0.95.1-1etch2_all.deb
07f09d8429916481e09e84fd01e97355 1297839 python optional
python-django_0.95.1.orig.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkjUQC8ACgkQdhEvvPyx3SNA5QCgmgf0OSlXPZ0DHoI+7oeq4ld/
yX8AnjUVolueFu7uwvhx7m07tft/4T6z
=8h2V
-----END PGP SIGNATURE-----
--- End Message ---
