[Bug 1417274] [NEW] CVE-2015-0221 backport broke serving static content through GZipMiddleware

Nelson Elhage Mon, 02 Feb 2015 13:26:48 -0800

Public bug reported:

Ubuntu backported the CVE-2015-0221 fix, which makes
`django.views.static.serve` stream file contents.  However,
https://github.com/django/django/commit/1e39d0f6280abf34c7719db5e7ed1c333f5e5919
was not backported, and without that fix, the Django GZipMiddleware is
unable to handle streaming content, breaking django applications that
combine static file serving with the gzip middleware. See upstream bug
https://code.djangoproject.com/ticket/24158 for more information.


** Affects: python-django (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1417274

Title:
  CVE-2015-0221 backport broke serving static content through
  GZipMiddleware

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-django/+bug/1417274/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1417274] [NEW] CVE-2015-0221 backport broke serving static content through GZipMiddleware

Reply via email to