Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id E423763BBFF for ; Mon, 12 Sep 2011 08:17:10 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id B671814A1D7; Mon, 12 Sep 2011 08:17:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 07C5B14A1BD for ; Mon, 12 Sep 2011 08:17:09 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id cXObYDN8btDe for ; Mon, 12 Sep 2011 08:17:08 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 67B1314A173 for ; Mon, 12 Sep 2011 08:17:08 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 3B553175DD; Mon, 12 Sep 2011 08:17:08 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Mon, 12 Sep 2011 08:17:08 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/www/py-django To: pkgsrc-changes@NetBSD.org Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20110912081708.3B553175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: adam Date: Mon Sep 12 08:17:07 UTC 2011 Modified Files: pkgsrc/www/py-django: Makefile PLIST distinfo Log Message: Changes 1.3.1: Fixed security issues: * Session manipulation * Denial of service attack via URLField * URLField redirection * Host header cache poisoning * Advisory: Host header and CSRF * Advisory: Cross-subdomain CSRF attacks * Advisory: DEBUG pages and sensitive POST data To generate a diff of this commit: cvs rdiff -u -r1.31 -r1.32 pkgsrc/www/py-django/Makefile cvs rdiff -u -r1.20 -r1.21 pkgsrc/www/py-django/PLIST cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/py-django/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.