Ubuntu
python-django package

lp://staging/~ubuntu-branches/ubuntu/precise/python-django/precise-201110201022

Precise (12.04)
precise-201110201022

Created by Ubuntu Package Importer on 2011-10-20 and last modified on 2011-10-20

Get this branch:: bzr branch lp://staging/~ubuntu-branches/ubuntu/precise/python-django/precise-201110201022

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Ready for review for merging into lp://staging/ubuntu/precise/python-django

Ubuntu branches: Pending requested 2011-10-20

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Development

Recent revisions

35. By Colin Watson on 2011-09-07

sync up history from manually-created branch

34. By Barry Warsaw on 2011-08-23

* 09_test_view_decorator_sleep.diff increases the sleep time to
reduce race condition effects on build machines.
https://code.djangoproject.com/ticket/16686 (LP: #829487)
* Remove build-dep on locales-all which isn't in the Ubuntu archive.

33. By Piotr Ożarowski on 2011-05-02

* Team upload.

[ Chris Lamb ]
* Don't remove "backup~" test file - upstream did ship it; we were just
removing it with dh_clean.

[ Piotr Ożarowski ]
* Fix builds with non-default Python versions installed
* Bump Standards-Version to 3.9.2 (no changes needed)

32. By Jamie Strandboge on 2011-02-17

* Merge from Debian for security fixes (LP: #719031). Remaining changes:
  - debian/control: don't Build-Depends on locales-all, which doesn't exist
    in natty
* Drop the following patches, now included upstream:
  - debian/patches/07_security_admin_infoleak.diff
  - debian/patches/08_security_pasword_reset_dos.diff

31. By Jamie Strandboge on 2011-01-03

* SECURITY UPDATE: information leak in admin interface
  - debian/patches/07_security_admin_infoleak.diff: validate querystring
    lookup arguments either specify only fields on the model being viewed,
    or cross relations which have been explicitly whitelisted.
  - CVE-2010-XXXX
* SECURITY UPDATE:
  - debian/patches/08_security_pasword_reset_dos.diff: adjust
    base36_to_int() function in django.utils.http will now validate the
    length of its input; on input longer than 13 digits (sufficient to
    base36-encode any 64-bit integer), it will now raise ValueError.
    Additionally, the default URL patterns for django.contrib.auth will now
    enforce a maximum length on the relevant parameters.
  - CVE-2010-XXXX

30. By Jamie Strandboge on 2010-10-12

* SECURITY UPDATE: XSS in CSRF protections. New upstream release
  - CVE-2010-3082
* debian/patches/01_disable_url_verify_regression_tests.diff:
  - updated to disable another test that fails without internet connection
  - patch based on work by Kai Kasurinen and Krzysztof Klimonda
* debian/control: don't Build-Depends on locales-all, which doesn't exist
  in maverick

29. By lamby on 2010-05-24

New upstream bugfix release.

28. By lamby on 2010-05-21

New upstream stable release.

27. By James Westby on 2010-01-31

Fix django test client cookie handling.

26. By lamby on 2009-12-01

* Remove embedded "decimal" code copy and use system version instead. The
  "doctest" code copy cannot be removed as parts of Django depend on modified
  behaviour. (Closes: #555419)
* Fix FTBFS in November by applying patch from upstream bug #12125.
  (Closes: #555931)
* Fix FTBFS under Python 2.6.3 by applying patch from upstream bug #11993.
  (Closes: #555969)

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp://staging/ubuntu/precise/python-django

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntupython-django package