group.of.nepali.translators team mailing list archive

Thread
Date

[Bug 1553251] [NEW] USN-2915-1 introduced a regression in is_safe_url()

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Marc Deslauriers <marc.deslauriers@xxxxxxxxxxxxx>
Date: Fri, 04 Mar 2016 15:58:01 -0000
Reply-to: Bug 1553251 <1553251@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a security vulnerability ***

Public security bug reported:

See
https://github.com/claudep/django/commit/7ee019b60ab696930c8b692bff7d29c0f4cea885

** Affects: django
     Importance: Unknown
         Status: Unknown

** Affects: python-django (Ubuntu)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Precise)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Trusty)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Wily)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Affects: python-django (Ubuntu Xenial)
     Importance: Undecided
     Assignee: Marc Deslauriers (mdeslaur)
         Status: Confirmed

** Bug watch added: Django Bug Tracker #26308
   http://code.djangoproject.com/ticket/26308

** Also affects: django via
   http://code.djangoproject.com/ticket/26308
   Importance: Unknown
       Status: Unknown

** Also affects: python-django (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: python-django (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: python-django (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: python-django (Ubuntu Wily)
   Importance: Undecided
       Status: New

** Changed in: python-django (Ubuntu Precise)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Trusty)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Wily)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Xenial)
       Status: New => Confirmed

** Changed in: python-django (Ubuntu Precise)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: python-django (Ubuntu Trusty)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: python-django (Ubuntu Wily)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

** Changed in: python-django (Ubuntu Xenial)
     Assignee: (unassigned) => Marc Deslauriers (mdeslaur)

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1553251

Title:
  USN-2915-1 introduced a regression in is_safe_url()

Status in Django:
  Unknown
Status in python-django package in Ubuntu:
  Confirmed
Status in python-django source package in Precise:
  Confirmed
Status in python-django source package in Trusty:
  Confirmed
Status in python-django source package in Wily:
  Confirmed
Status in python-django source package in Xenial:
  Confirmed

Bug description:
  See
  https://github.com/claudep/django/commit/7ee019b60ab696930c8b692bff7d29c0f4cea885

To manage notifications about this bug go to:
https://bugs.launchpad.net/django/+bug/1553251/+subscriptions

Follow ups

[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
From: Mathew Hodson, 2016-03-08
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
From: Marc Deslauriers, 2016-03-07
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
From: Launchpad Bug Tracker, 2016-03-07
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
From: Launchpad Bug Tracker, 2016-03-07
[Bug 1553251] Re: USN-2915-1 introduced a regression in is_safe_url()
From: Launchpad Bug Tracker, 2016-03-04