** No longer affects: python-django (Ubuntu Precise)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1553251
Title:
USN-2915-1 introduced a regression in is_safe_url()
To manage notifications about t
First round of regression fixes used incomplete patch. Proper upstream
commits are:
https://github.com/django/django/commit/ada7a4aefb9bec4c34667b511022be6057102f98
https://github.com/django/django/commit/552f03869ea7f3072b3fa19ffb6cb2d957fd8447
--
You received this bug notification because you
Ubuntu 12.04 LTS isn't affected by the regression.
** Changed in: python-django (Ubuntu Precise)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1553251
Title:
USN
This bug was fixed in the package python-django - 1.7.9-1ubuntu5.3
---
python-django (1.7.9-1ubuntu5.3) wily-security; urgency=medium
* SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251)
- debian/patches/CVE-2016-2512-regression.patch: force url to unicode
This bug was fixed in the package python-django - 1.6.1-2ubuntu0.13
---
python-django (1.6.1-2ubuntu0.13) trusty-security; urgency=medium
* SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251)
- debian/patches/CVE-2016-2512-regression.patch: force url to unicod
This bug was fixed in the package python-django - 1.8.7-1ubuntu3
---
python-django (1.8.7-1ubuntu3) xenial; urgency=medium
* SECURITY REGRESSION: is_safe_url() with non-unicode url (LP: #1553251)
- debian/patches/CVE-2016-2512-regression.patch: force url to unicode
in djan
https://github.com/django/django/pull/6242
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1553251
Title:
USN-2915-1 introduced a regression in is_safe_url()
To manage notifications about this bug go
