This bug was fixed in the package python-django - 0.96.1-2ubuntu2.1
--------------- python-django (0.96.1-2ubuntu2.1) hardy-security; urgency=low
* SECURITY UPDATE: security vulnerability in django admin * debian/patches/05_CVE-2008-2302_fix.diff: added upstream fix escaping request path in login page of admin site.(LP: #234631) * References: CVE link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302 upstream announce: http://www.djangoproject.com/weblog/2008/may/14/security/ upstream fix: http://code.djangoproject.com/changeset/7527
-- Andrea Gasparini <email address hidden> Thu, 29 May 2008 17:00:38 +0200
This bug was fixed in the package python-django - 0.96.1-2ubuntu2.1
---------------
python-django (0.96.1-2ubuntu2.1) hardy-security; urgency=low
* SECURITY UPDATE: security vulnerability in django admin patches/ 05_CVE- 2008-2302_ fix.diff: added upstream fix cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2008- 2302 www.djangoproje ct.com/ weblog/ 2008/may/ 14/security/ code.djangoproj ect.com/ changeset/ 7527
* debian/
escaping request path in login page of admin site.(LP: #234631)
* References:
CVE link: http://
upstream announce: http://
upstream fix: http://
-- Andrea Gasparini <email address hidden> Thu, 29 May 2008 17:00:38 +0200