BlueSoybean.com - Free RSS-Based News Reader

close
  • rss_feed Follow any RSS- or Atom Feed tell me more...
  • language Use in your Browser on any Computer, Laptop or Phone tell me more...
  • money_off Free tell me more...
  • mouse Scroll and skim through a lot of Articles super fast tell me more...
  • keyboard Keyboard Shortcuts help you be more efficient yet. tell me more...
  • label Organise and easily find again interesting articles using Tags. tell me more...
  • share Share your Tags and Recommendations tell me more...

The Django weblog

On average 2 Articles by month

Latest news about Django, the Python Web framework.

Django 3.0 alpha 1 released | Weblog | Django

Django 3.0 alpha 1 released | Weblog | Django

via The Django weblog
Share  
Tags  

Django bugfix releases issued: 2.2.5, 2.1.12, and 1.11.24

Django bugfix releases issued: 2.2.5, 2.1.12, and 1.11.24 Today we've issued 2.2.5, 2.1.12, and 1.11.24 bugfix releases. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.

via The Django weblog
Share  
Tags  

Django security releases issued: 2.2.4, 2.1.11 and 1.11.23 | Weblog | Django

Django security releases issued: 2.2.4, 2.1.11 and 1.11.23 | Weblog | Django

via The Django weblog
Share  
Tags  

The first PyCon Africa | Weblog | Django

The first PyCon Africa | Weblog | Django

via The Django weblog
Share  
Tags  

DjangoCon Australia 2019: Tickets on sale ๐ŸŽŸ๏ธ | Weblog | Django

DjangoCon Australia 2019: Tickets on sale \ud83c\udf9f\ufe0f | Weblog | Django

via The Django weblog
Share  
Tags  

DjangoCon US 2019 Schedule Is Live ๐ŸŽ‰ | Weblog | Django

DjangoCon US 2019 Schedule Is Live \ud83c\udf89 | Weblog | Django

via The Django weblog
Share  
Tags  

Django security releases issued: 2.2.3, 2.1.10 and 1.11.22 | Weblog | Django

Django security releases issued: 2.2.3, 2.1.10 and 1.11.22 | Weblog | Django

via The Django weblog
Share  
Tags  

Django security releases issued: 2.2.2, 2.1.9 and 1.11.21 | Weblog | Django

Django security releases issued: 2.2.2, 2.1.9 and 1.11.21 | Weblog | Django

via The Django weblog
Share  
Tags  

Unauthenticated Remote Code Execution on djangoci.com

Unauthenticated Remote Code Execution on djangoci.com Yesterday the Django Security and Operations teams were made aware of a remote code execution vulnerability in the Django Software Foundation's Jenkins infrastructure, used to run tests on the Django code base for GitHub pull requests and release branches. In this blog post, the teams want to outline the course of events. Impact The Django Security and Operations teams want to assure that at no point was there any risk about issuing or uploading malicious releases of Django to PyPI or the Django Project website. Official Django releases have always been issued manually by releasers. Neither was there any risk to any user data related to the Django Project website or the Django bug tracker. Timeline On May 14th, 2019 at 07:48 UTC the Django Security team was made aware by Ai Ho through its HackerOne project that the Django's Continuous Integration service was susceptible to a remote code execution vulnerability, allowing unauthenticated users to execute arbitrary code. At 08:01 UTC, the Django Security team acknowledged the report and took immediate steps to mitigate the issue by shutting down the primary Jenkins server. The Jenkins master server was shut down by 08:10 UTC. At 08:45 UTC, the Operations team started provisioning a new server. In cases of a compromised server, it is almost always impractical to clean it up. Starting with a fresh, clean installation is a considerably better and safer approach. At 14:59 UTC, the new Jenkins master server was up and running again, with some configuration left to do to get Jenkins jobs working again. About 10 minutes later, at 15:09 UTC, that was the case. At 15:44 UTC, Jenkins started running tests against GitHub pull requests again. At 16:00 UTC, the Operations team discussed the ...

via The Django weblog
Share  
Tags  

Django bugfix release: 2.2.1

Django bugfix release: 2.2.1 Today we've issued the 2.2.1 bugfix release. The release package and checksums are available from our downloads page, as well as from the Python Package Index. The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.

via The Django weblog
Share  
Tags