[SECURITY] Fedora 14 Update: Django-1.2.3-1.fc14
updates at fedoraproject.org
updates at fedoraproject.org
Thu Sep 23 12:57:33 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-14745
2010-09-15 06:48:56
--------------------------------------------------------------------------------
Name : Django
Product : Fedora 14
Version : 1.2.3
Release : 1.fc14
URL : http://www.djangoproject.com/
Summary : A high-level Python Web framework
Description :
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
--------------------------------------------------------------------------------
Update Information:
"""
Today the Django team has released Django 1.2.3, which remedies several issues with the recent 1.2.2 package.
This package corrects the following problems:
* The patch applied for the security issue covered in Django 1.2.2 caused issues with non-ASCII responses using CSRF tokens. This has been remedied.
* The patch also caused issues with some forms, most notably the user-editing forms in the Django administrative interface. This has been remedied.
* The packaging manifest did not contain the full list of required files. This has been remedied.
"""
See: http://www.djangoproject.com/weblog/2010/sep/10/123/
See http://www.djangoproject.com/weblog/2010/sep/08/security-release/
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #632239 - CVE-2010-3082 Django CSRF flaw
https://bugzilla.redhat.com/show_bug.cgi?id=632239
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update Django' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list