Subject: CVS commit: pkgsrc/www
From: Adam Ciarcinski
Date: 2015-01-14 18:07:12
Message id: 20150114170712.E87D398@cvs.netbsd.org
Log Message:
Fixed securify issues:
* WSGI header spoofing via underscore/dash conflation
* Mitigated possible XSS attack via user-supplied redirect URLs
* Denial-of-service attack against django.views.static.serve
* Database denial-of-service with ModelMultipleChoiceField
Files:
RevisionActionfile
1.57modifypkgsrc/www/py-django/Makefile
1.40modifypkgsrc/www/py-django/distinfo
1.9modifypkgsrc/www/py-django14/Makefile
1.5modifypkgsrc/www/py-django14/distinfo