Accepted python-django 3:3.2.15-1 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted python-django 3:3.2.15-1 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 03 Aug 2022 14:36:04 +0000
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:To:Reply-To:From:Cc: Content-ID:Content-Description:In-Reply-To:References; bh=5JNLjMo0bAFYm1ctDHBiJCtk5THao09tN9YJvpmrudQ=; b=a6GSY/jw4+qNFaJiVQKgUEyIAt z4ZtEkscw7bxki8uGKKmArASyzBws1OaCnE0k4Cf4E+NFpBi5Mbe85lh2nxxpuk0M7PMtNd+flmrW Q7CNFetXj4GTyqtxmbDd2sWZSvNHXgunmNLNT233xbdktxjtrB7/tpz9I02/UP6XpaFtWAco2OXbL vKqoLLPCAm+sHv9Rp1nvYWh0015oB9pAkuF6/O3LiqA+JJYL9WAFhEXE5zgFmlan4aty1L56MrqiF a6ZuaVW/3u06SH0EDxr0aR1erPYGY4vIjKe2SZ9JqLyXBsxFfHjwM1YjvK/DT2zhBKcHx/XKhTZ3i fsGpGl+g==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1oJFTg-000d6B-8e@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 03 Aug 2022 07:11:45 -0700
Source: python-django
Built-For-Profiles: nocheck
Architecture: source
Version: 3:3.2.15-1
Distribution: unstable
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Changes:
python-django (3:3.2.15-1) unstable; urgency=high
.
* New upstream security release.
.
- CVE-2022-36359: Potential reflected file download vulnerability in
FileResponse. An application may have been vulnerable to a reflected file
download (RFD) attack that sets the Content-Disposition header of a
FileResponse when the filename was derived from user-supplied input. The
filename is now escaped to avoid this possibility.
.
<https://www.djangoproject.com/weblog/2022/aug/03/security-releases/>
Checksums-Sha1:
9ee8a7f3c1543f90dad7f0b903ec821ee6a91160 2807 python-django_3.2.15-1.dsc
11379f9769e7e6c65e75800782aa9da4861b0358 9833828 python-django_3.2.15.orig.tar.gz
9d3cde80774ad220367d4ea8dec6011639d16d74 36436 python-django_3.2.15-1.debian.tar.xz
75b8c1da66ee3a2a677d547beaff217147d47f53 8107 python-django_3.2.15-1_amd64.buildinfo
Checksums-Sha256:
5344d8b068b3ea7854c37f8f199f47d08648ec26eef13a85e4a737f639ae3957 2807 python-django_3.2.15-1.dsc
f71934b1a822f14a86c9ac9634053689279cd04ae69cb6ade4a59471b886582b 9833828 python-django_3.2.15.orig.tar.gz
65f90aae1f3a47e4cfa3cca02da237624340da249c27d3e308880d9a9d1a6b09 36436 python-django_3.2.15-1.debian.tar.xz
628cef7f092a8f9fec53b00cde9e7878bf4b5b12455b698aa36d3113f98233c4 8107 python-django_3.2.15-1_amd64.buildinfo
Files:
45ec43384f0dfb35ba86dfedb5c08151 2807 python optional python-django_3.2.15-1.dsc
0bc509df6fd459fd7258b3ffe78b1d99 9833828 python optional python-django_3.2.15.orig.tar.gz
7c142824aa48f2372afa60f6068b6dfc 36436 python optional python-django_3.2.15-1.debian.tar.xz
5116effe52322aa6f56023c5bb591551 8107 python optional python-django_3.2.15-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmLqg70ACgkQHpU+J9Qx
HljEsBAArjOzkDu4h307tp43dpkIvqXAXMtrPt73a7ZDfhZtR9yN/+pwncMgjq5V
4mYSil2TcisrSbGY5KKy/gE8ifbsglT2YRi5ndCWNtFRejnJroJjWO1p/LLp2UX0
ODlB0lFjPcq8EGp8YWpM+W/sJcOJcqEivvMrbl4xH1Argog2LXHFIEFqnkESHtOS
K9uszJ8AXP7jEaHUX1y9tTaCTCJY8UdwkSuUgtDOpf00BimYzlkgwJK+j/y9VFHe
UqSzXG/uTkL9M7eOtBzptjfv9gRyqw1yzklNR+957/YPH+zRC9wW3G3w6E32cle7
1MXCQtO4KJbABbrC4cOumm5E2KP7CMkoecircBoQCDH5BqRCtt7nJq7H+KH+G877
wv/8XixvtVuQy7upDi+8LS0AYC3dT4oaJyI6VVj432P3Cy9iKaO4J5eWDApkbdgR
VPrBoEL1gJ1/lVQDO9opO2yc9fUahCt4kDeLaQtJ5aDl+3gQzZFIg+eRlB3kQeBD
btZxS6PwRkIx+kxS78Vhe/nivdu9fg5lifhzI6Kz6q6x/Xjgc/VZ1gVrr93hMHYW
wL6fcq1NL5GPNNHH2ZlrjY5eDo9/d2WnUe5Mv0voPJkpvzCK1jwEew/0sDp91ZsK
GbJvHE0naWguDCPj+U20AUlC32XUynnMwh/whEmUI1XPuaVm91Q=
=cE5h
-----END PGP SIGNATURE-----