gnutls26 (2.8.5-2ubuntu0.7) lucid-security; urgency=medium
* SECURITY UPDATE: signature forgery issue
- debian/patches/CVE-2015-0282.patch: make sure the signature
algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
lib/x509/privkey.c, lib/x509/verify.c,
python-django (1.1.1-2ubuntu1.17) lucid-security; urgency=medium
* SECURITY UPDATE: XSS attack via user-supplied redirect URLs
- debian/patches/CVE-2015-2317.patch: reject URLs that start with
control characters in django/utils/http.py.
- CVE-2015-2317
Date: 2015-03-20
gnutls26 (2.8.5-2ubuntu0.7) lucid-security; urgency=medium
* SECURITY UPDATE: signature forgery issue
- debian/patches/CVE-2015-0282.patch: make sure the signature
algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
lib/x509/privkey.c, lib/x509/verify.c,
python-django (1.1.1-2ubuntu1.17) lucid-security; urgency=medium
* SECURITY UPDATE: XSS attack via user-supplied redirect URLs
- debian/patches/CVE-2015-2317.patch: reject URLs that start with
control characters in django/utils/http.py.
- CVE-2015-2317
Date: 2015-03-20