[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
** No longer affects: python-django (Ubuntu Precise) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
** No longer affects: python-django (Ubuntu Precise) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
First round of regression fixes used incomplete patch. Proper upstream commits are: https://github.com/django/django/commit/ada7a4aefb9bec4c34667b511022be6057102f98 https://github.com/django/django/commit/552f03869ea7f3072b3fa19ffb6cb2d957fd8447 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
First round of regression fixes used incomplete patch. Proper upstream commits are: https://github.com/django/django/commit/ada7a4aefb9bec4c34667b511022be6057102f98 https://github.com/django/django/commit/552f03869ea7f3072b3fa19ffb6cb2d957fd8447 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
Ubuntu 12.04 LTS isn't affected by the regression. ** Changed in: python-django (Ubuntu Precise) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
Ubuntu 12.04 LTS isn't affected by the regression. ** Changed in: python-django (Ubuntu Precise) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
This bug was fixed in the package python-django - 1.7.9-1ubuntu5.3 --- python-django (1.7.9-1ubuntu5.3) wily-security; urgency=medium * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251) - debian/patches/CVE-2016-2512-regression.patch: force url to unicode in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2016-2512 -- Marc DeslauriersFri, 04 Mar 2016 11:06:58 -0500 ** Changed in: python-django (Ubuntu Wily) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
This bug was fixed in the package python-django - 1.7.9-1ubuntu5.3 --- python-django (1.7.9-1ubuntu5.3) wily-security; urgency=medium * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251) - debian/patches/CVE-2016-2512-regression.patch: force url to unicode in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2016-2512 -- Marc DeslauriersFri, 04 Mar 2016 11:06:58 -0500 ** Changed in: python-django (Ubuntu Wily) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
This bug was fixed in the package python-django - 1.6.1-2ubuntu0.13 --- python-django (1.6.1-2ubuntu0.13) trusty-security; urgency=medium * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251) - debian/patches/CVE-2016-2512-regression.patch: force url to unicode in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2016-2512 -- Marc DeslauriersFri, 04 Mar 2016 11:07:40 -0500 ** Changed in: python-django (Ubuntu Trusty) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
This bug was fixed in the package python-django - 1.6.1-2ubuntu0.13 --- python-django (1.6.1-2ubuntu0.13) trusty-security; urgency=medium * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251) - debian/patches/CVE-2016-2512-regression.patch: force url to unicode in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2016-2512 -- Marc DeslauriersFri, 04 Mar 2016 11:07:40 -0500 ** Changed in: python-django (Ubuntu Trusty) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
This bug was fixed in the package python-django - 1.8.7-1ubuntu3 --- python-django (1.8.7-1ubuntu3) xenial; urgency=medium * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251) - debian/patches/CVE-2016-2512-regression.patch: force url to unicode in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2016-2512 -- Marc DeslauriersFri, 04 Mar 2016 11:03:43 -0500 ** Changed in: python-django (Ubuntu Xenial) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2512 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
This bug was fixed in the package python-django - 1.8.7-1ubuntu3 --- python-django (1.8.7-1ubuntu3) xenial; urgency=medium * SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251) - debian/patches/CVE-2016-2512-regression.patch: force url to unicode in django/utils/http.py, added test to tests/utils_tests/test_http.py. - CVE-2016-2512 -- Marc DeslauriersFri, 04 Mar 2016 11:03:43 -0500 ** Changed in: python-django (Ubuntu Xenial) Status: Confirmed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2512 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
https://github.com/django/django/pull/6242 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to python-django in Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
https://github.com/django/django/pull/6242 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1553251 Title: USN-2915-1 introduced a regression in is_safe_url() To manage notifications about this bug go to: https://bugs.launchpad.net/django/+bug/1553251/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs