Francesco Bonanno

lp://qastaging/~mibo-fra/+junk/python-django

Created by Francesco Bonanno and last modified
Get this branch:
bzr branch lp://qastaging/~mibo-fra/+junk/python-django
Only Francesco Bonanno can upload to this branch. If you are Francesco Bonanno please log in for upload directions.

Related bugs

Related blueprints

Branch information

Owner:
Francesco Bonanno
Status:
Development

Recent revisions

45. By Francesco Bonanno

fixed changelog

44. By Francesco Bonanno

fixed package version

43. By Francesco Bonanno

1.3.1 version for quantal and plus

42. By Andres Rodriguez

[ Julian Edwards ]
* debian/patches:
  - prefetch_related.diff: Backport prefetch_related from 1.4 (LP: #1081388)
  - bug15496-base64-multipart-fix.diff: Include fix for upstream bug #15496
    which makes 'Content-Transfer-Encoding: base64: work for multipart
    messages. (LP: #1081392)

41. By Andres Rodriguez

[ Julian Edwards ]
* debian/patches:
  - genericipaddressfield.diff: Backport GenericIPAddressField
    from 1.4 (LP: #1081391)
  - prefetch_related.diff: Backport prefetch_related from 1.4 (LP: #1081388)
  - bug15496-base64-multipart-fix.diff: Include fix for upstream bug #15496
    which makes 'Content-Transfer-Encoding: base64: work for multipart
    messages. (LP: #1081392)

40. By Jamie Strandboge

* Add additional tests for CVE-2012-4520
  - debian/patches/CVE-2012-4520-additional-tests.diff: add various poisoned
    host header test material
* Don't fail self-tests if MANAGERS or ADMINS is defined in settings.py
  - debian/patches/lp1080204.diff: Isolate poisoned_http_host tests from 500
  - https://code.djangoproject.com/ticket/19172
  - LP: #1080204

39. By Jamie Strandboge

* SECURITY UPDATE: fix Host header poisoning
  - debian/patches/CVE-2012-4520.diff: adjust HttpRequest.get_host() to
    raise django.core.exceptions.SuspiciousOperation if Host headers contain
    potentially dangerous content. Patch thanks to Mackenzie Morgan.
  - CVE-2012-4520
  - LP: #1068486

38. By Marc Deslauriers

[ Scott Kitterman ]
* SECURITY UPDATE: multiple issues (LP: #1031733)
* References CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
  https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
* New upstream release to address three security issues:
  - Cross-site scripting in authentication views
  - Denial-of-service in image validation
  - Denial-of-service via get_image_dimensions()
* Added debian/patches/security_http_redirects,
  security_image_uploading_two, and security_image_uploading cherry picked
  from upstream git

[ Marc Deslauriers ]
* debian/patches/security_http_redirects: remove unrelated changes, add
  python 2.4 regression fix.

37. By Dave Walker

* Merge with Debian. Remaining changes:
  - 09_test_view_decorator_sleep.diff increases the sleep time to
    reduce race condition effects on build machines.
    https://code.djangoproject.com/ticket/16686 (LP: #829487)
* debian/patches/{psycopg2_creation.diff,compat-psycopg2-plus2.4.2.diff}:
  - New patches, resolve compatibility with psycopg2 > 2.4.1, patches
    based on upstream submissions, rebasing courtesy of Dave Pifke.
  - LP: #905837

36. By Barry Warsaw

* Merge with Debian. Remaining changes:
  - 09_test_view_decorator_sleep.diff increases the sleep time to
    reduce race condition effects on build machines.
    https://code.djangoproject.com/ticket/16686 (LP: #829487)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.