Bug#683364: marked as done (CVE-2012-3442/CVE-2012-3443/CVE-2012-3444: Django 1.3.1 and 1.4.0 security issues)

[Debian Bug Tracking System]

Your message dated Thu, 02 Aug 2012 12:03:02 +0000
with message-id <e1swu7k-0003gn...@franck.debian.org>
and subject line Bug#683364: fixed in python-django 1.4.1-1
has caused the Debian Bug report #683364,
regarding CVE-2012-3442/CVE-2012-3443/CVE-2012-3444: Django 1.3.1 and 1.4.0 
security issues
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
683364: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683364
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: python-django
Version: 1.4-1
Severity: important
Tags: security

https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
http://www.openwall.com/lists/oss-security/2012/07/31/1
http://www.openwall.com/lists/oss-security/2012/07/31/2

- Henri Salo

--- End Message ---

--- Begin Message ---

Source: python-django
Source-Version: 1.4.1-1

We believe that the bug you reported is fixed in the latest version of
python-django, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 683...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Raphaël Hertzog <hert...@debian.org> (supplier of updated python-django package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 02 Aug 2012 10:44:02 +0200
Source: python-django
Binary: python-django python-django-doc
Architecture: source all
Version: 1.4.1-1
Distribution: unstable
Urgency: low
Maintainer: Chris Lamb <la...@debian.org>
Changed-By: Raphaël Hertzog <hert...@debian.org>
Description: 
 python-django - High-level Python web development framework
 python-django-doc - High-level Python web development framework (documentation)
Closes: 683364
Changes: 
 python-django (1.4.1-1) unstable; urgency=low
 .
   * New upstream security and maintenance release. Closes: #683364
     Fixes: CVE-2012-3442 CVE-2012-3443 CVE-2012-3444
   * Drop 01_disable_broken_test.diff and 04_hyphen-manpage.diff which
     have been merged upstream.
Checksums-Sha1: 
 ab994c2ba489e01de15d53cf6c835ce2af12b988 2227 python-django_1.4.1-1.dsc
 992e0e9c6c3b9167b29946bfe3956406fc747ef4 7656756 
python-django_1.4.1.orig.tar.gz
 fd1d5ae9d906d607d6665ed8d6ec73227283701e 19420 
python-django_1.4.1-1.debian.tar.gz
 b72079fe43d9af25549e2bb022092dc9e7a4cec6 5371932 python-django_1.4.1-1_all.deb
 96594fb596b850dbbe8c758281f4ab63756f0a31 2357188 
python-django-doc_1.4.1-1_all.deb
Checksums-Sha256: 
 1a121d36c924b0619bc35948939ba542040f6d25afb69e9ec489526e4d34ca5d 2227 
python-django_1.4.1-1.dsc
 4d8d20eba350d3d29613cc5a6302d5c23730c7f9e150985bc58b3175b755409b 7656756 
python-django_1.4.1.orig.tar.gz
 5bcd52903554a8e0fd3c7eb9f39683cc04efbea2e9918edb2d8b6767aadff67c 19420 
python-django_1.4.1-1.debian.tar.gz
 9f15218df361ac6e5e75c196f703fe9a805c3d1d7a7635a789ce2b32cfde1f8e 5371932 
python-django_1.4.1-1_all.deb
 7c508c2fabde676e189d8c9050c78f4ab7ff21013e8cdad4b17b590605a58660 2357188 
python-django-doc_1.4.1-1_all.deb
Files: 
 164d33704691bfb3b4dd2abe537b0f77 2227 python optional python-django_1.4.1-1.dsc
 e345268dacff12876ae4e45de0a61b7d 7656756 python optional 
python-django_1.4.1.orig.tar.gz
 2565371f2e1bfd9ec10c23c7d1b066c4 19420 python optional 
python-django_1.4.1-1.debian.tar.gz
 3577195af4b14ce717decc44677a50dc 5371932 python optional 
python-django_1.4.1-1_all.deb
 8869956447d1de3366618b15196ac859 2357188 doc optional 
python-django-doc_1.4.1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Signed by Raphael Hertzog

iQIcBAEBCAAGBQJQGmd8AAoJEOYZBF3yrHKaXDEQAIqoQqo8aq3UDAmvnzkvZmtd
+sme0xMBIQdum+d7tPxQxRtUuvK1yZeJCY78I35lJLglO/hrnEgWx2efpr5zrJ9A
S1gggGbY2XfKJ52kHLH3jKiLfvZxsxYcDNJBHKu7Qj/R3h14c/nEzLLC/9BK4OGj
zwU9FRxs+zATQQe8YjpO5KEMl+u1IBehmE9ECHUveLez5bOm3Tp0KGyYJFX0XPB5
PGlhk3oKURf5pzxfGYvdmwikouMOuvDNr3V3Mk+jfUZRxIeh469qDFm+uA7tg1NU
IL8hWf1xMNS096ey1GSUMpetIR+F7sdqdGIziNLmYUjVxgz+NCsgyVgctuF4zd/g
/VITtpmgzfG9jOnvnLldn/JpndFpYmYiQQA6nLdj8x3sb2+SgTUrJACyI3+gTGSP
4pVzSAkCInaQOsqX1zb6L7qQxppDWv1vIukWNl8zfoj15lytr915B1EDMmFMbU8W
6PlLpYFk3FsijzFzo2B5vC/j29AZxvsQIYmSsei5Vu1hqY2h1WrqmAW5HuBG659Y
V/7eMmsGfZ7nmShABaq3JxL1ZejYNk3FXadRb1A7a9hnIx9aK0y9EWgcQZc727Aw
4bk2NrRWdyBZLvj/I2mvif+SRqh66eitTv0I60g5Vb27weVQL5c+AD/y69j+dSmZ
0OZt9UkUpfMCVmeMT3ks
=i0eu
-----END PGP SIGNATURE-----

--- End Message ---