Regression in security upload - self-tests fail if MANAGERS is defined in settings.py
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-django (Debian) |
Fix Released
|
Unknown
|
|||
python-django (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Lucid |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Oneiric |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Precise |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Quantal |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Raring |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
With the recent security upload of django, the self-tests will fail on
any site, if the MANAGERS variable is defined in settings.py. This is
because the admin gets mail about the SuspiciousOperation traceback
and the new test test_poisoned_
there's any mail at all, not who the mail is to or what it is.
james@ornery:
Creating test database for alias 'default'...
.......
-> self.assertEqua
(Pdb) print mail.outbox
[<django.
(Pdb) print mail.outbox[0].to
['<email address hidden>']
(Pdb) print mail.outbox[
[Django] ERROR (EXTERNAL IP): Internal Server Error: /password_reset/
(Pdb) print mail.outbox[0].body
Traceback (most recent call last):
File "/usr/lib/
response = middleware_
File "/usr/lib/
host = request.get_host()
File "/usr/lib/
raise SuspiciousOpera
SuspiciousOpera
<WSGIRequest
path:/password_
GET:<QueryDict: {}>,
POST:<QueryDict: {u'email': [<email address hidden>']}>,
COOKIES:{},
META:{'
'CONTENT_TYPE': 'multipart/
'HTTP_COOKIE': '',
'HTTP_HOST': 'www.example:<email address hidden>',
'PATH_INFO': u'/password_
'QUERY_STRING': '',
'REMOTE_ADDR': '127.0.0.1',
'REQUEST_METHOD': 'POST',
'SCRIPT_NAME': u'',
'SERVER_NAME': 'testserver',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'wsgi.errors': <cStringIO.StringO object at 0x2626fb8>,
'wsgi.input': <django.
'wsgi.
'wsgi.
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}>
(Pdb)
Related branches
CVE References
Changed in python-django (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
status: | New → Confirmed |
Changed in python-django (Ubuntu): | |
status: | Confirmed → In Progress |
Changed in python-django (Ubuntu Lucid): | |
status: | New → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in python-django (Ubuntu Oneiric): | |
status: | New → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in python-django (Ubuntu Precise): | |
status: | New → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in python-django (Ubuntu Quantal): | |
status: | New → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in python-django (Ubuntu Quantal): | |
status: | In Progress → Fix Committed |
Changed in python-django (Ubuntu Precise): | |
status: | In Progress → Fix Committed |
Changed in python-django (Ubuntu Oneiric): | |
status: | In Progress → Fix Committed |
Changed in python-django (Ubuntu Raring): | |
status: | In Progress → Fix Committed |
Changed in python-django (Ubuntu Lucid): | |
status: | In Progress → Fix Committed |
Changed in python-django (Debian): | |
status: | Unknown → New |
Changed in python-django (Debian): | |
status: | New → Fix Released |
This looks to be: /code.djangopro ject.com/ ticket/ 19172
https:/
Fixed in: /github. com/django/ django/ commit/ b774c5993cf8000 0966ae8f04c9851 16f98ee5ac
https:/