Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/www/py-django-cms
From: Benny Siegert
Date: 2017-05-11 20:04:57
Message id: 20170511180457.C8812FBE4@cvs.NetBSD.org
Log Message:
Pullup ticket #5408 - requested by sevan
www/py-django-cms: security fix

Revisions pulled up:
- www/py-django-cms/Makefile                                    1.44
- www/py-django-cms/PLIST                                       1.30
- www/py-django-cms/distinfo                                    1.35

---
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Tue May  9 08:13:50 UTC 2017

   Modified Files:
           pkgsrc/www/py-django-cms: Makefile PLIST distinfo

   Log Message:
   Changes 3.4.3:
   * Fixed a security vulnerability in the page redirect field which
   allowed users
     to insert JavaScript code.
   * Fixed a security vulnerability where the ``next`` parameter for the
   toolbar login
     was not sanitised and could point to another domain.
Files:
RevisionActionfile
1.43.2.1modifypkgsrc/www/py-django-cms/Makefile
1.29.2.1modifypkgsrc/www/py-django-cms/PLIST
1.34.2.1modifypkgsrc/www/py-django-cms/distinfo