Back to python-django PTS page

Accepted python-django 2:3.2.12-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted python-django 2:3.2.12-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 01 Feb 2022 17:49:41 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1nExHh-000GP8-4N@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 01 Feb 2022 09:28:58 -0800
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 2:3.2.12-1
Distribution: unstable
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Closes: 1004752
Changes:
 python-django (2:3.2.12-1) unstable; urgency=high
 .
   * New upstream security release:
 .
     - CVE-2022-22818: Possible XSS via {% debug %} template tag.
 .
       The {% debug %} template tag didn't properly encode the current context,
       posing an XSS attack vector.
 .
       In order to avoid this vulnerability, {% debug %} no longer outputs
       information when the DEBUG setting is False, and it ensures all context
       variables are correctly escaped when the DEBUG setting is True.
 .
     - CVE-2022-23833: Denial-of-service possibility in file uploads.
 .
       Passing certain inputs to multipart forms could result in an
       infinite loop when parsing files.
 .
     See <https://www.djangoproject.com/weblog/2022/feb/01/security-releases/>
     for more information. (Closes: #1004752)
Checksums-Sha1:
 cdc813e579d51018d8416c449d14219479d931c2 2807 python-django_3.2.12-1.dsc
 93f6c3f0fd89f5c5a44dee688e752a258900a54e 9812448 python-django_3.2.12.orig.tar.gz
 8f3bfe43385673b8ae937169c395c5dfba8de2fb 35060 python-django_3.2.12-1.debian.tar.xz
 d215015572a9dd6e89c8a97b30fb63f9692033db 8089 python-django_3.2.12-1_amd64.buildinfo
Checksums-Sha256:
 c33aa89544c0b0a5971df3cb18f1fd1deb9ed41035cade5364cda7f3f7f956cc 2807 python-django_3.2.12-1.dsc
 9772e6935703e59e993960832d66a614cf0233a1c5123bc6224ecc6ad69e41e2 9812448 python-django_3.2.12.orig.tar.gz
 7f1bf88141e5e9e06cbf1bc60606ed53b6cb629c384a3dde5a0068aa46eb3591 35060 python-django_3.2.12-1.debian.tar.xz
 b99d78aab5699dbd4b57bdc704c4d980118b2df22b303d35d033741e67698a62 8089 python-django_3.2.12-1_amd64.buildinfo
Files:
 350062ea51fb57ddd8a0b72744d808ef 2807 python optional python-django_3.2.12-1.dsc
 1847b2f286930a9d84e820a757e3a7ec 9812448 python optional python-django_3.2.12.orig.tar.gz
 eedef8404056d75832230ebd4d3e2f30 35060 python optional python-django_3.2.12-1.debian.tar.xz
 77bdb2ee3e8039c7c7b724a99231a894 8089 python optional python-django_3.2.12-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmH5b2kACgkQHpU+J9Qx
HljlFA/+Mlty1sgR7gMekexDmjhXvQEUCfai7Soe42wE1IRTtl2FUh4MKofvQBnp
rY9Fsb9cI2mQgPPHA0/X8uBM5J5L+Izf+Jvs6rBcTuWtMgGll9meu9K+fRWDiPWS
1U9RDqphuEaiE008fe7GRpu5p5JdrCFGpVbIE4QteYZcxSCbhQ7Gtku30OpBAPgu
oLTY+hB8JbCCXTpgasdtkuMyoFv2BhYC07NfVew8j0coA8+JFEJbk4yohXReKZYX
CFc8zBMfVUFAcesrjEv6wTteyZ32ZYsQcsUOlTQlAdRrIcGp4+tHP81Xvoe11a1i
h8KZIAbLMYjD5X119U49T5/idZxcngfai1wPqDFbyk5KFJ0EU1QqTq7Cqr2XJsto
Gg5RcMKHy6mM6Q+h7pexUj5Vz5HAz031KUurTKmj56suySMFYbW8UZyvB2gMbjiS
GBJxornAyccac/urRj7+SXzouPeWp/ekuEsZkk69p2QDzSjmgpKVBaOnCpHmoLxG
IzAlZX3i+SX14AWM1SVezdSfFXU51lV4LjlH9/+I8k4q+3Ud9FSeQ9gqRPyO0hVx
bCSfnouCgXp6DXoms+nmtKuN4smvJF4xMUwr5T6SiayDGHiP8eQ+uGhejFmb9lvN
hWkxT7JlpZNIbZ8RQOBGGNuDEn5iXcEiarrY5nnFmN0cORqLouo=
=2XVi
-----END PGP SIGNATURE-----