cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
83,182 Commits 1 Branch 0 Tags 554 MiB
693840da59
Commit Graph

16 Commits

Author SHA1 Message Date
sthen
195eaac041 SECURITY update; py-Django 1.4.5 
https://www.djangoproject.com/weblog/2013/feb/19/security/

- Host header poisoning: an attacker could cause Django to generate
and display URLs that link to arbitrary domains.

- Formset denial-of-service: an attacker can abuse Django's tracking
of the number of forms in a formset to cause a denial-of-service attack.

- XML attacks: Django's serialization framework was vulnerable to
attacks via XML entity expansion and external references.

- Data leakage via admin history log: Django's admin interface could
expose supposedly-hidden information via its history log.
 2013-03-02 12:47:49 +00:00
rpointel
3577e6272a update django to 1.4.3. 
ok Ryan Boggs (maintainer).
 2012-12-29 07:16:38 +00:00
gsoares
622f0916bb SECURITY update for py-django-1.4.2 
diff submitted by Ryan Boggs (MAINTAINER), thanks!

This update fixes a security issue related to host header poisoning.
more details at: ttps://www.djangoproject.com/weblog/2012/oct/17/security/
 2012-10-20 16:00:58 +00:00
jasper
0b8889a1de SECURITY UPDATE to 1.4.1, fixes CVE-2012-3442 CVE-2012-3443 CVE-2012-3444 
Django Cross-Site Scripting and Two Denial of Service Vulnerabilities

from ryan boggs (MAINTAINER)
 2012-08-24 17:01:32 +00:00
rpointel
301f0c2a42 Update django to 1.4, ok Ryan Boggs (maintainer). 
release notes: https://docs.djangoproject.com/en/dev/releases/1.4/
 2012-05-10 20:04:48 +00:00
rpointel
50e0636f2c Update Django to 1.3. 
From Piotr Sikora, ok Ryan Boggs (MAINTAINER), discussed with me and landry@.
 2011-04-24 18:40:03 +00:00
jasper
27ef93b489 - update py-django to 1.2.5 
from ryan boggs (MAINTAINER)
 2011-03-10 09:29:10 +00:00
rpointel
5be9e1992c Update django to 1.2.4 from Ryan Boggs (Maintainer). 
Add spaces around variables.

SECURITY FIX :
http://www.djangoproject.com/weblog/2010/dec/22/security/
 2011-01-02 22:04:09 +00:00
armani
44cd673bfc Update django to 1.2.3, from maintainer Ryan Boggs 
go for it sthen@
 2010-10-05 09:03:19 +00:00
sthen
d476f25ae9 Update to 1.2.1, from maintainer Ryan Boggs, also tested by armani@ 2010-07-16 07:41:41 +00:00
steven
55ff289558 security update to 1.1.1 
description at http://www.djangoproject.com/weblog/2009/oct/09/security/

from maintainer Ryan Boggs
 2009-10-10 17:09:03 +00:00
sthen
5d7fe94df7 Update to 1.1, from maintainer Ryan Boggs. 2009-09-18 13:16:51 +00:00
ian
8a6df1f0ef Upgrade to 1.0.2, and switch maintainer to Ryan Boggs, with approval of old maintainer. 2009-06-03 17:02:54 +00:00
wcmaier
2e43c8cea1 Update to 0.96.2, which includes a SECURITY FIX (XSS in admin interface). 
From MAINTAINER Darrin Chandler <dwchandler at stilyagin at com>.
Use MODPY_EGG_VERSION while here.

ok merdely@
 2008-05-24 04:17:11 +00:00
merdely
6393f4e72e Update to 0.96.1. 
Fixes an i18n vuln leading to possible DoS, described at
http://www.djangoproject.com/weblog/2007/oct/26/security-fix/

From MAINTAINER (Darren Chandler)
"go ahead" jasper@
 2007-11-08 22:00:36 +00:00
merdely
178a33f7d6 Django is a high-level Python Web framework that encourages rapid 
development and clean, pragmatic design.

Developed and used over two years by a fast-moving online-news
operation, Django was designed to handle two challenges: the intensive
deadlines of a newsroom and the stringent requirements of the
experienced Web developers who wrote it. It lets you build
high-performing, elegant Web applications quickly.

From Darrin Chandler (MAINTAINER)
Testing and help from Will Maier and myself
ok steven@
 2007-09-19 13:45:00 +00:00