[Python-modules-team] Bug#931316: python-django: CVE-2019-12308: Incorrect HTTP detection with reverse-proxy connecting via HTTPS
Moritz Mühlenhoff
jmm at inutil.org
Tue Jul 2 21:52:48 BST 2019
On Mon, Jul 01, 2019 at 05:57:51PM -0300, Chris Lamb wrote:
> [Adding team at security.debian.org, to CC]
>
> Hi Salvatore,
>
> > Control: found -1 2:2.2.1-1
> > Control: found -1 1:1.10.7-2+deb9u4
> > Control: found -1 1:1.10.7-1
>
> I've uploaded fixes to experimental, unstable and to jessie LTS.
>
> Security team (added to CC), would you like an upload for stable?
Please do, if we do a DSA, let's also include the fixes for CVE-2019-6975
and CVE-2019-12308 which were previously postponed due to low impact, ack?
Cheers,
Moritz
More information about the Python-modules-team
mailing list