[Python-modules-team] python-django_1.10.7-2+deb9u9_amd64.changes ACCEPTED into oldstable-proposed-updates->oldstable-new

Debian FTP Masters ftpmaster at ftp-master.debian.org
Thu Jun 18 10:03:52 BST 2020 

Mapping oldstable-security to oldstable-proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 13 Jun 2020 15:47:14 +0100
Source: python-django
Binary: python-django python3-django python-django-common python-django-doc
Built-For-Profiles: nocheck
Architecture: source all
Version: 1:1.10.7-2+deb9u9
Distribution: stretch-security
Urgency: high
Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby at debian.org>
Description:
 python-django - High-level Python web development framework (Python 2 version)
 python-django-common - High-level Python web development framework (common)
 python-django-doc - High-level Python web development framework (documentation)
 python3-django - High-level Python web development framework (Python 3 version)
Changes:
 python-django (1:1.10.7-2+deb9u9) stretch-security; urgency=high
 .
   * CVE-2020-13254: Potential a data leakage via malformed memcached keys.
 .
     In cases where a memcached backend does not perform key validation, passing
     malformed cache keys could result in a key collision, and potential data
     leakage. In order to avoid this vulnerability, key validation is added to
     the memcached cache backends.
 .
   * CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget.
 .
     Query parameters to the admin ForeignKeyRawIdWidget were not properly URL
     encoded, posing an XSS attack vector. ForeignKeyRawIdWidget now ensures
     query parameters are correctly URL encoded.
Checksums-Sha1:
 e9426589ecf10cd4805ec672759131c6added447 2804 python-django_1.10.7-2+deb9u9.dsc
 561a9de7d32f6d6248db5b3f41a615e5bf954bb7 46376 python-django_1.10.7-2+deb9u9.debian.tar.xz
 6d30ab0060e3775862c27c23feff714c9f3ea1d6 1515556 python-django-common_1.10.7-2+deb9u9_all.deb
 b4214ba457957e2e34bdd22d6ca73eabe74f7986 2537014 python-django-doc_1.10.7-2+deb9u9_all.deb
 f0e21c89eac25d7dcfcba03c2e52648d5e929598 905646 python-django_1.10.7-2+deb9u9_all.deb
 d857e383076c296da2440e035562d65df18f92e7 9430 python-django_1.10.7-2+deb9u9_amd64.buildinfo
 f5689b43b0a60516fce6e8f01349d68aa0da15ac 887316 python3-django_1.10.7-2+deb9u9_all.deb
Checksums-Sha256:
 a9dd7a30a924423de3a2ea18ee34be27654b759a93543b5d092463da2d2762ce 2804 python-django_1.10.7-2+deb9u9.dsc
 cfd73e3e22b30ddbcee701d5f2061d3f9ebf948e628b9560dff89b55a439e576 46376 python-django_1.10.7-2+deb9u9.debian.tar.xz
 3ebd253d7605a8234fd80d18c71ba27d784542b85809245c4cc35828e4aa2912 1515556 python-django-common_1.10.7-2+deb9u9_all.deb
 1653b6f7fb9ecc1cf8e8ec9c7fc06cba94973063687a7933e69f82d94dacece1 2537014 python-django-doc_1.10.7-2+deb9u9_all.deb
 7b7f3791bc1d8988eb774af1ae8885c55aed2dd369d17b770851177ef46bbd1b 905646 python-django_1.10.7-2+deb9u9_all.deb
 239ab13628404c29845d25e9dc56d9c1d495e03562045547ee036bd72abaaf9e 9430 python-django_1.10.7-2+deb9u9_amd64.buildinfo
 c74d2a83ed957a45ead42b30d2b63b450bd8d482a3560a2a20eee2b89b3cdfbf 887316 python3-django_1.10.7-2+deb9u9_all.deb
Files:
 9a792e5efec85f72f1c524874b80552a 2804 python optional python-django_1.10.7-2+deb9u9.dsc
 236ce0e188568f95e2fc78f3163b077e 46376 python optional python-django_1.10.7-2+deb9u9.debian.tar.xz
 f15def45b854a42ffa8f0d56e5a919bc 1515556 python optional python-django-common_1.10.7-2+deb9u9_all.deb
 a430928af30934995e0a5be14f4bdaa6 2537014 doc optional python-django-doc_1.10.7-2+deb9u9_all.deb
 476a6f087c33252d8ea20094687be5a1 905646 python optional python-django_1.10.7-2+deb9u9_all.deb
 74ba69a7335e93fa088cae81b754c478 9430 python optional python-django_1.10.7-2+deb9u9_amd64.buildinfo
 8233bcf170de3075452567231e8e6b1f 887316 python optional python3-django_1.10.7-2+deb9u9_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7p9r4ACgkQHpU+J9Qx
Hlh3rg//XMx3dr1gqlSgZhSlrAMIu0Thh13mDde/2scCcvX2DZClDT+xRbbTLLbQ
secqP604vypfISFfi65jk9v5Vocjxh9VDxrxnRktY7sMFLxNsRb+lst8MTirl4ZY
kHNGf2/7cEx5dj9H7lIcgzZP4ANV9kQmyxvVwBwLpUWB2AvC6Lxcseqpno9BG4eT
lE7B9qZ5j+bQKHVR6SUWS3T6uVlQOCPODXS09jDw+2nN/QoFvWdVFTlSGWsd3dHn
FJTXTd+NHUid8KGn789wrOtycJ9y/FA0Qx9XLH7+65R8yoBKVm7mM5JZtGRBtWEq
NAxD6HJgJ663/Ca9wus9ZjmsNZ0lApjUh2R06ZNcVwhrYm/6//976uJ/v/RIM7OC
L+B3UO2p/DdpwzZzo0Pl5onfBFoxKokuqQikg2wQm1pRryVLk+2u3dBL4tmbMkez
IbUd5oSDtycIhG6BHRSi6Henmvbha3cs/Xp0L7Ld5UW5uORhkujG2eoWPBIGSK4Z
a94zCuYVpPOCF0pptgqvDqVtCSctgZTd3AVMN0P0cZw9MgYXioZMPBeFjHC9VLCp
MADVvP7WiImks3ESpZrS2Ew2LKcXOmRrK1prVySTTrEiezNJDWTETHdOqfDQOfu5
hvTHDDv0P28gOFIOKkUFs0NB8f8XivOWq12yrCywyqOT2ZkGqUY=
=ZzdK
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.

More information about the Python-modules-team mailing list