[SECURITY] Fedora 14 Update: Django-1.2.3-1.fc14

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 23 12:57:33 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14745
2010-09-15 06:48:56
--------------------------------------------------------------------------------

Name        : Django
Product     : Fedora 14
Version     : 1.2.3
Release     : 1.fc14
URL         : http://www.djangoproject.com/
Summary     : A high-level Python Web framework
Description :
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.

--------------------------------------------------------------------------------
Update Information:

"""
Today the Django team has released Django 1.2.3, which remedies several issues with the recent 1.2.2 package.

This package corrects the following problems:

* The patch applied for the security issue covered in Django 1.2.2 caused issues with non-ASCII responses using CSRF tokens. This has been remedied.
* The patch also caused issues with some forms, most notably the user-editing forms in the Django administrative interface. This has been remedied.
* The packaging manifest did not contain the full list of required files. This has been remedied.
"""

See: http://www.djangoproject.com/weblog/2010/sep/10/123/
See http://www.djangoproject.com/weblog/2010/sep/08/security-release/
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #632239 - CVE-2010-3082 Django CSRF flaw
        https://bugzilla.redhat.com/show_bug.cgi?id=632239
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update Django' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list